kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,497 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

2103 Commits

Author SHA1 Message Date
Abu Kashem 3c7f54740f apf: add plumbing to estimate width" of a request 
- add plumbing that allows us to estimated "width" of a request
- the default implementation returns 1 as the "width" of all
  incoming requests, this is in keeping with the current behavior.

Kubernetes-commit: 9b72eb1929a64b9d5a5234090a631ba312fb4d41
 2021-05-11 07:03:05 -04:00
Abu Kashem f410577081 apiserver: close handler chain right after shutdown delay duration 
Kubernetes-commit: de7e56bf37440ca6a4c634ede8abaf1315fe9de3
 2021-06-07 18:13:24 -04:00
AbdulBasitAlvi da18259e5b hotfix(staging_apiserver_pkg_httplog): restore depth to log calls 
/kind bug

This PR adds depth to logging which was removed when migrating to structured logging in the file

Ref #102353

```release-note
NONE
```

```docs

```

Kubernetes-commit: 5d4c1162b944ff34374313103d0555ac0b334a1d
 2021-05-30 01:42:54 +02:00
Abu Kashem 9421ee44c4 apf: fix flake in test 
Kubernetes-commit: 8847a25026711f51ae694fe8288e285a48e70675
 2021-06-01 20:07:51 -04:00
njuptlzf dd5fc094cd Use objGV instead of gvk.GroupVersion 
Kubernetes-commit: 15c4d579f08335f33555d3cab5eff41c74e671b9
 2021-06-02 14:27:30 +08:00
Kasakaze f0159a94e3 Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: 58d7bf67d4694d52610097c72fe79012e19c5da0
 2021-06-02 10:53:05 +08:00
Kasakaze da0758027d Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: b9b01a0f901513370cf3e981544a79f57e321d67
 2021-06-02 10:52:44 +08:00
Kasakaze e7a594074a Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: 19c72a6cd05da805b1bec9fe567614ef82bf7beb
 2021-06-02 10:52:35 +08:00
Kasakaze 1b73b18c80 Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: 0ae6a7bac6ba268c59e82222d69ad91e381e79bc
 2021-06-02 10:52:22 +08:00
njuptlzf 790f5a21a7 Fix auditing failed of request: encoding failed 
Kubernetes-commit: 329f7d55d1344f728e28ce49728234f9f8f4c5d3
 2021-05-17 02:31:08 +08:00
Jordan Liggitt 84ac736f8e Fix audit unit test file location 
Kubernetes-commit: 91e5d98b572a74bf827a575559238cc0a4be6c57
 2021-06-04 17:23:34 -04:00
Jordan Liggitt 584c18160b Fix closing of decorated watcher channel on timeout 
Kubernetes-commit: bd2d63dd57e6011bfa3218e59e27fddaa295426b
 2021-06-02 14:05:52 -04:00
wojtekt 9b71cff19c Fix watch rejections in P&F filter 
Kubernetes-commit: 8054b0f808d116658ac086e4b71fb34d1502cd57
 2021-06-02 08:22:29 +02:00
wojtekt d000916ae7 Address watch panics in P&F handler and extend testing. 
Kubernetes-commit: d9d51541a87ec627160d7d6a1fcd4b357a0fa493
 2021-05-27 14:49:54 +02:00
wojtekt 5290a24345 Implement support for watch initialization in P&F 
Kubernetes-commit: 0cc217647ca8be0820973b970124a072c27b6575
 2021-05-07 12:49:06 +02:00
xiaofei.sun 4f1bee1bff fix watch_cache_capacity metrics 
Kubernetes-commit: e3841e91c81e842f2a591b80b67d46c3f7f7adde
 2021-06-01 21:42:45 +08:00
pacoxu a18ab75c53 depracate ValidateProxyRedirects as it is with StreamingProxyRedirects 
Signed-off-by: pacoxu <paco.xu@daocloud.io>

Kubernetes-commit: 27044f4855209c515c57a77378fce970af097b14
 2021-05-26 20:18:49 +08:00
pacoxu d636703205 Default StreamingProxyRedirects to disabled 
Signed-off-by: pacoxu <paco.xu@daocloud.io>

Kubernetes-commit: 2eb90f9b80982d31efa971450ea7ac60359f9442
 2021-04-30 14:07:43 +08:00
Julian V. Modesto f753bce9f8 Make a public ValidateAnnotationsSize 
Kubernetes-commit: 2e771b8e745c4a3be0d5bae3a6dc94087284c73b
 2021-05-25 16:01:38 -04:00
Julian V. Modesto a01d02b7fd Make validation totalAnnotationSizeLimitB public. 
Replace the forked totalAnnotationSizeLimitB with
apimachineryvalidation.TotalAnnotationSizeLimitB.

Kubernetes-commit: 55ff96301797a503b6ee1d09f0eb2ffc827f01b1
 2021-05-18 17:28:11 -04:00
Xiaojun Hu f9b4d95442 add fail-open audit logs to validating and mutating admission webhook 
Kubernetes-commit: 9fe7c8955bcb1edbb5aa4fe6bfb8bb6d93d381de
 2021-05-18 13:31:03 -04:00
Abu Kashem ec22c8bdd8 apf: add "width" for request 
all requests have a width of 1 to maintain current behavior.

Kubernetes-commit: b50507d98bd12503592ea62d2be2aadef49bdf70
 2021-05-11 07:03:05 -04:00
Jordan Liggitt 689a6cc12f Graduate WarningHeader feature to GA 
Kubernetes-commit: e3ea169d7d8b2c1417ef5a71ee1015f186ca0e3c
 2021-04-01 02:51:48 -04:00
Jordan Liggitt 754e90a0a3 Promote apiserver_requested_deprecated_apis metric to stable 
Kubernetes-commit: 7877539e3095669629e81633019836d2cdb7c368
 2021-05-11 16:24:58 -04:00
Mengxue Zhang 15750850e0 specify pod name and hostname in indexed job 
Kubernetes-commit: e64e34e0298d27d4099b632f5b7c1ba38fc66561
 2021-04-29 03:33:36 +00:00
Jordan Liggitt 8dd82c2391 Add WarningsOnCreate,WarningsOnUpdate 
Kubernetes-commit: 8c8a4cf3e4a18e97359ce750530a4fa27bbd3b88
 2021-04-30 21:46:54 -04:00
Julian V. Modesto c10cbf5412 Respect annotation size limit for SSA last-applied. 
To support CSA and SSA interoperability, SSA updates the CSA
last-applied annotation.

This change ensures we don't set a big last-applied annotation if the
value is over the annotation limits.

Also, make sure that it's possible to opt-out of this behavior by
setting the CSA annotation to "" the empty string.

Kubernetes-commit: 6054320be1e50a450e9d1e19a79caa96f2035d4d
 2021-05-18 15:06:48 -04:00
Marcel Zięba 489e43cad9 Add logging of filters to api calls logs 
Kubernetes-commit: 7e01b7260ac5cc20c1fc236cae220857726dc330
 2021-05-17 11:52:33 +00:00
Lukasz Szaszkiewicz 1d2b77256f adds a unit test for checking if graceful shutdown of HTTP2 server works 
Kubernetes-commit: 373fc7d711a2fb39b7e94737b2b880feca596171
 2020-12-11 13:12:46 +01:00
David Eads d15d62d4df enforce strict alpha handling for API serving 
Kubernetes-commit: 21faec925459bce93954e0f0110ebd3a4f207c24
 2021-05-12 09:17:15 -04:00
David Eads 2286099903 update integration tests to reflect the kube version to stop serving removed APIs 
Kubernetes-commit: d6a4afa5b8f6b7a17868649ea40b370c7f12a37f
 2021-05-11 15:17:40 -04:00
sanwishe 1b6c1bf2dd Structured Logging migration: for package staging/src/k8s.io/apiserver/pkg/server/dynamiccertificates 
Signed-off-by: sanwishe <jiang.mingzhi35@zte.com.cn>

Kubernetes-commit: 6eb645088c41f5f9309ad27a3fe80ccebd18460d
 2021-05-10 20:08:14 +08:00
zhuangqh 640ba0e40e docs: fix outdated enhancement doc link 
Signed-off-by: zhuangqh <zhuangqhc@gmail.com>

Kubernetes-commit: adf28648cb32d17cd186a6c7e8b264419e6d0759
 2021-02-24 15:22:50 +08:00
pacoxu e11aa23b6b wait for poststarthook/max-in-flight-filter to be initialized asynchronously 
Signed-off-by: pacoxu <paco.xu@daocloud.io>

Kubernetes-commit: 3c4eb55b4acd4bc4740b15a58fc7da0d5b516300
 2021-05-07 15:17:03 +08:00
Maciej Borsz 770eb2bc44 Update watcher.go 
Kubernetes-commit: 532e35ba31e4df0a2df7dd5f2930035ce9379559
 2021-05-07 16:07:34 +02:00
卢振兴10069964 549cbbf8de fix broken link in some files 
Kubernetes-commit: b29a5fb0746f772b38da570cd8fdc77396ffca31
 2021-04-13 08:43:24 +08:00
Abu Kashem df062f56c2 add auto update for apf bootstrap configuration 
Take the following approach:
On a fresh install, all bootstrap configuration objects will
have auto update enabled via the following annotation :
`apf.kubernetes.io/autoupdate: 'true'`

The kube-apiserver periodically checks the bootstrap configuration
objects on the cluster and applies update if necessary.

We enforce an 'always auto-update' policy for the mandatory
configuration object(s).

We update the suggested configuration objects when:
- auto update is enabled (`apf.kubernetes.io/autoupdate: 'true'`) or
- auto update annotation key is missing but `generation` is `1`

If the configuration object is missing the annotation key, we add
it appropriately:
it is set to `true` if `generation` is `1`, `false` otherwise.

The above approach ensures that we don't squash changes made by an
operator. Please note, we can't protect the changes made by the
operator in the following scenario:
- the user changes the spec and then deletes and recreates
  the same object. (generation resets to 1)

remove using a marker

Kubernetes-commit: 759a64136b0d4619d5535adb79a8367e124b06c6
 2021-01-12 16:12:13 -05:00
Chao Xu 8f650d1e76 Move the comment to the right line 
Kubernetes-commit: 6001c70c7274d88b566ac3ff40e4f8900cc23c54
 2021-04-23 00:05:15 +00:00
Chok Yip Lau f0cd8bd9bf Fix staticcheck on vendor/k8s.io/apiserver/pkg/server/httplog 
Kubernetes-commit: eaaa803d48e8d78e5ad6d49324169e9d775ed7bc
 2021-01-08 17:57:20 -05:00
Abu Kashem b84fa01322 add more context to post timeout request activities 
Kubernetes-commit: 66587afb60b10569aa4ed35d53a4a91fcc40abd2
 2021-04-09 12:09:35 -04:00
JUN YANG 2a99e7e764 Fix misspelling of condition. 
Signed-off-by: JUN YANG <yang.jun22@zte.com.cn>

Kubernetes-commit: 6c566f6dfa5b76d105ce24b3b0cb7f5e3d50d018
 2021-03-14 00:17:58 +08:00
mozillazg eca89e844c Fix staticcheck failures for vendor/k8s.io/apiserver/pkg/registry/rest/resttest 
Kubernetes-commit: 92ece853be2969fd8f9716434c8fb062e1ebef9b
 2021-04-17 16:07:19 +08:00
caozhiyuan 5a479e600e fix hardcoding and format error log 
Kubernetes-commit: c468a02718402bf42ffc0cd8cdbdf805fdf903a2
 2021-04-14 20:19:41 +08:00
Chao Xu 218926b065 Switch the order of adding SNICert and creating LoopbackClientConfig 
Kubernetes-commit: 1df4503b859a2b7b2b7f9c5bcf400f61cc29d349
 2021-04-22 23:17:39 +00:00
Monis Khan 5289a15a1a client-go transport: assert that final CA data is valid 
Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: 440ea3ef49e0ac77353ceeaebc2aad6c995d5b35
 2021-05-03 10:11:54 -04:00
Stanislav Laznicka 7eb7056b38 webhooks,aggregation: add metrics to count certs missing SAN 
Adds counters to generic webhook code and to the kube aggregator
so that it is possible to effectively measure the impact of
Golang 1.15's deprecation of x509 cert CN hostname
verification.

Kubernetes-commit: 9d6a19efff05a40081337a2fcb3dce6331b04022
 2020-10-06 13:02:52 +02:00
Abu Kashem 4e12e0cd34 apf: use a list instead of slice for queueset 
Kubernetes-commit: 69f9bc181f155ded7c5d5cc0ca9f026a6b42f431
 2021-03-29 11:31:12 -04:00
Antonio Ojea 04c8c14809 admission metrics reset metrics after tests 
Kubernetes-commit: b1a81d2fb8b4528172a8de6de01b53526b7b2277
 2021-03-13 21:26:22 +01:00
Zhou Peng c233874954 [k8s.io/apiserver/pkg/endpoints/discovery/]: improve readability 
Do not wrap code here

Signed-off-by: Zhou Peng <p@ctriple.cn>

Kubernetes-commit: 95f7b4d8544eeba0bc06122b1a35db1ab603f19d
 2021-04-27 13:55:31 +08:00
Lukasz Szaszkiewicz a9e68c9b32 let objects without metadata pass through the managedFields admission controller 
Not all objects provide metadata. There might be extention servers that allow for creating objects without the metadata field.

This PR changes the managedFileds admission to deal with objects without the metadata field.
Object without that field will be passed directly to the wrapped admission controller for further validation.

Kubernetes-commit: 3dbaf305ae1e52105a338987f3770ff104def68b
 2021-04-29 14:08:36 +02:00