kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,609 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

6609 Commits

Author SHA1 Message Date
Kubernetes Publisher f807a349b2 Merge pull request #118945 from andrewsykim/update-request-filter-duration-buckets 
Introduce larger buckets for request_filter_duration_seconds and request_wait_duration_seconds

Kubernetes-commit: 2ee01fb673213c80cb8afc79c60c32adeadb413c
 2023-06-29 15:00:55 +00:00
Mike Spreitzer d03cf9927b Introduce apiserver_flowcontrol_current_executing_seats metric 
This is a duplicate of
`apiserver_flowcontrol_request_concurrency_in_use` but with a better
name.  Hopefully we can later remove the copy with the inferior name.

Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>

Kubernetes-commit: 65e818d4ecfb7bf2a165897fb1caf29bf42f4f83
 2023-06-29 01:43:17 -04:00
Mike Spreitzer 078694d35d Make QueueSet support exempt behavior; use it 
Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>

Kubernetes-commit: f269acd12b225f6a2dbbfae64a475f73f448b918
 2023-06-28 22:55:30 -04:00
Kubernetes Publisher 98133773bf Merge pull request #118182 from seans3/wsstream-refactor 
Refactor wsstream library from apiserver to apimachinery

Kubernetes-commit: 056f3a56b821a063210c2c4a67cc7a4d0a361afe
 2023-06-28 22:37:20 +00:00
Anish Ramasekar 822396743a [StructuredAuthenticationConfig] wire request context to claim resolver 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 150f732c7ee68cd738043c5e8a9966a9d55fb69d
 2023-06-28 20:37:40 +00:00
Andrew Sy Kim d969ae0916 apiserver: introduce larger buckets for flowcontrol request_wait_duration_seconds bucket 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

Kubernetes-commit: 16fdd3e5eef452712165b7625b2fec078fa79b7b
 2023-06-28 15:08:15 +00:00
Andrew Sy Kim 986c8832e5 apiserver: introduce larger buckets for request_filter_duration_seconds metric 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

Kubernetes-commit: c607984379234249403354bf1f9a2e86a740caf0
 2023-06-28 14:19:51 +00:00
Wojciech Tyczyński b560936651 Generalize watch storage tests 
Kubernetes-commit: 8266c4d934d42a5175a84bff10fda4bf36f13817
 2023-06-27 18:12:30 +02:00
Kubernetes Publisher 7d79c570c7 Merge pull request #118888 from enj/enj/i/kms_interface_split 
kmsv2: no-op: split transformer interface

Kubernetes-commit: 5e85f21e5be69d9e941771138002fdcfc48afbf2
 2023-06-27 01:18:39 +00:00
Jiahui Feng 9eebea091a add test for authorizer type checking. 
Kubernetes-commit: 7ccc23178396fb7c50cd59a16a62e7d79ba973a9
 2023-06-08 15:51:05 -07:00
Jiahui Feng c85cef6cc3 add support for authorizer to type checking. 
Kubernetes-commit: 04fa4184ed349d6ccce5be4daa7561356eebeea3
 2023-06-07 10:11:30 -07:00
Richa Banker 8859465680 Add servedVersions info in StorageVersion API 
Kubernetes-commit: 1c48b7ec144785b4b2493a01d82e40d6d34ce578
 2023-06-01 18:07:56 -07:00
Amine a4fba6de9b Move DeleteFunc logging to level 2 
Kubernetes-commit: 28b6c90696680c87cab04b539c0bca6af7d66bac
 2023-05-24 13:50:50 -05:00
Sean Sullivan 62e3f1a6d5 Re-add the legacy wsstream package and deprecate it 
Kubernetes-commit: 0fe84ff7cb1671d51769ad8f2378f919546a5f3a
 2023-05-23 16:15:07 -07:00
Sean Sullivan cdd93b4685 Refactor wsstream library from apiserver to apimachinery 
Kubernetes-commit: 8f3109da7913ef17c6656893f12f0e29ceabbde0
 2023-05-22 10:03:17 -07:00
Amine 278cd016a7 Properly setup mutatingWebhookConfigurationManager{} 
Kubernetes-commit: 761016482da9e3febbbfe5ab3cf6c2b31692c1b0
 2023-05-17 22:44:18 -05:00
Amine 907129f4f1 run `./hack/verify-gofmt.sh` 
Kubernetes-commit: 747dbd9b6b72c21c94ddd17bd2c82bbb2ff583ad
 2023-05-17 18:52:37 -05:00
Amine eb8a96cae5 Add smart reload for `MutatingWebhooks` 
Kubernetes-commit: 1eb60939fe5eb4c1394e5d93ee2d00b5894e9e73
 2023-05-17 18:44:01 -05:00
Amine 83bf64e6cc Properly handle parameter in `shareInformer.DeleteFunc` 
Kubernetes-commit: aeefb762ece0f866e99def259d6714aa4deb6d31
 2023-05-17 18:42:56 -05:00
Amine daa816b27c Fix webhook accessors caching pattern 
Kubernetes-commit: a01a8cb07e7bfe6dacadc51206ae4ef93d5f4352
 2023-05-17 10:54:17 -05:00
Abu Kashem dfc035926b apf: add validation to exempt for borrowing 
Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>

Kubernetes-commit: f8e4e8abac8637f6510838d7d476a838ce612659
 2023-05-15 12:08:18 -04:00
Amine dbf21ae38a Add webhookAccessors smart reloads unit tests 
This patch adds few unit tests to assert that the webhook accessors are
only recreate when they are update in the api-server.

In order to test this feature we had to make few changes to wb manager
that allows us to mock `NewValidatingWebhookAccessor` external function.

Kubernetes-commit: 7d3d44af77679ed488b28dc839d02a8258fd3adc
 2023-05-12 20:32:20 -05:00
Amine c0d0aad2b4 Fix deadlock issue 
This patch fixes the deadlock issue by using a map to cache already
initiated Webhooks instead of using `needRefresh` map.

Kubernetes-commit: c6f36e8702a9e90350c585298f1fc6e908699b12
 2023-05-10 15:09:15 -05:00
Amine d886c0446d Webhook Accessors Smart Recompilation 
Addresses https://github.com/kubernetes/kubernetes/issues/116588

This is an WIP patch trying to avoid recompiling CELs expressions when
recreation Validating/Mutating WebhookAccessors.

Maybe we should also concider using generatic.Controller from
5f59f44983/staging/src/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic/controller.go

Kubernetes-commit: 99875b3fb73728caad3efb62556428b555ce02f4
 2023-05-09 16:47:11 -05:00
Andrew Sy Kim f00505bddc priority & fairness: support dynamically configuring work estimator max seats 
Max seats from prioriy & fairness work estimator is now min(0.15 x
nominalCL, nominalCL/handSize)

'Max seats' calculated by work estimator is currently hard coded to 10.
When using lower values for --max-requests-inflight, a single
LIST request taking up 10 seats could end up using all if not most seats in
the priority level. This change updates the default work estimator
config such that 'max seats' is at most 10% of the
maximum concurrency limit for a priority level, with an upper limit of 10.
This ensures seats taken from LIST request is proportional to the total
available seats.

Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

Kubernetes-commit: d3ef2d4fe95c3ef7b1c606ad01be1183659da391
 2023-04-26 11:13:14 +00:00
Monis Khan 8e93c650b5 kmsv2: KDF based nonce extension 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: bf49c727ba10881d5378e9242f31dc00dede51be
 2023-03-25 14:41:04 -04:00
Monis Khan b90de05302 no-op: split transformer interface 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: 9354e78289fde933f485c663df960b0bc6e24df5
 2023-03-24 16:23:40 -04:00
Kubernetes Publisher d8bdd263c2 Merge pull request #118793 from serathius/test-cache-bypass 
Test all cases for LIST request cache bypass

Kubernetes-commit: 2802bbce14ca32cddbd0d0567cd33fb435f445e6
 2023-06-21 21:17:17 +00:00
Kubernetes Publisher 9cfab516c2 Merge pull request #118792 from serathius/refactor-delegate 
Refactor shouldDelegateList/shouldListFromStorage to better explain d…

Kubernetes-commit: 55fb1805a1217b91b36fa8fe8f2bf3a28af2454d
 2023-06-21 17:17:12 +00:00
Kubernetes Publisher e1931a7854 Merge pull request #118794 from serathius/refactor-watch-context 
Refactor WithRequireLeader to make it part of the etcd store

Kubernetes-commit: 4862614c1cf73c5b0ccb97f8180a2c73770cb757
 2023-06-21 06:21:41 -07:00
Marek Siarkowicz 96d1438818 Refactor WithRequireLeader to make it part of the etcd store 
Kubernetes-commit: a9af2de8fdd1f2799b2017b19027958c69ffb04d
 2023-06-21 14:21:24 +02:00
Marek Siarkowicz eda3579943 Test all cases for LIST request cache bypass 
Kubernetes-commit: e4cf103c9b98391e5e135c3991cd8f380bfe22fe
 2023-06-21 14:12:04 +02:00
Marek Siarkowicz 72bea89ab7 Refactor shouldDelegateList/shouldListFromStorage to better explain decisions 
Kubernetes-commit: 406899360b55b3a0e28970f369288a2bb8a804fe
 2023-06-21 14:02:46 +02:00
Kubernetes Publisher 2b176f025d Merge pull request #118763 from Shubham82/remove_AdvancedAuditing_featuregate 
Remove AdvancedAuditing feature gate.

Kubernetes-commit: 5a1c62b9d121e23d411fdc84255521d1dc231bf2
 2023-06-21 01:17:40 +00:00
shubham82 4057dcde6b Remove AdvancedAuditing feature gate. 
Kubernetes-commit: f2e3157df0a143ff04b9adf7525b32d82bb6f29c
 2023-06-20 14:21:10 +05:30
Kubernetes Publisher 15b83e4482 Merge pull request #118689 from bzsuni/clean 
[dependencies] update prometheus/client_golang v1.14.0 to v1.16.0

Kubernetes-commit: 0004ce8684bd9c6be0af4ad8fc9b076f4a04e23e
 2023-06-19 01:21:49 +00:00
bzsuni 35bb75daf4 update prometheus/client_golang v1.14.0 to v1.16.0 
Signed-off-by: bzsuni <bingzhe.sun@daocloud.io>

Kubernetes-commit: 5aa5f1abc9c9d83ccc34382ae2a8e0241ec1d866
 2023-06-15 11:24:32 +00:00
Kubernetes Publisher 1bf7d4daed Merge pull request #116894 from enj/enj/i/encrypt_resp_sanity_checks 
kmsv2: add sanity checks and refine probing logic

Kubernetes-commit: 78f18c1b4b34ec6911f575d6a4ded60377d38bf9
 2023-06-14 12:50:19 -07:00
Monis Khan aa8212180e kmsv2: no-op refactor priming logic into its own function 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: 55b690ee018bfa2e32c4d2dab13123a336c7d013
 2023-03-23 11:49:20 -04:00
Monis Khan 296a76b0b7 kmsv2: refine probing logic to avoid slow starts 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: 15003c609d0ad4aea79895530b1dd4517514154d
 2023-03-23 11:35:36 -04:00
Monis Khan cb83ab1a45 kmsv2: add a sanity check to confirm that new state is always valid 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: d8150b816014427b9fec342f2cf303e1472c62c7
 2023-03-23 10:42:05 -04:00
Kubernetes Publisher d76c5f8644 Merge pull request #118539 from benluddy/timeout-filter-flake 
Ensure timeout test handlers don't complete before timing out.

Kubernetes-commit: 666fc23fe4d6c84b1dde2b8d4ebf75fce466d338
 2023-06-13 17:16:48 +00:00
Kubernetes Publisher 0d8046157b Merge pull request #118460 from serathius/componentstatuses 
Make etcd component status consistent with health probes

Kubernetes-commit: 3b4496913453aa0a44ee818d5db185df51073ae7
 2023-06-13 13:16:53 +00:00
Kubernetes Publisher 44fa6d28d5 Merge pull request #111992 from Abirdcfly/20220824 
cleanup: delete unused AuditDynamicOptions in apiserver

Kubernetes-commit: c1154d838fec2d8a2b14cfd48ab5a4e2654d619a
 2023-06-13 05:17:09 +00:00
Kubernetes Publisher ed61fb1c78 Merge pull request #118422 from apelisse/dry-run-empty 
dryrun: Don't reuse current object for conversion

Kubernetes-commit: 336e46101c4451f504c884d65bb7b7b5f6f7f4d8
 2023-06-08 02:35:39 +00:00
Kubernetes Publisher ec6e786786 Merge pull request #118507 from jeremyrickard/go1205 
[go] Bump images, versions and deps to use Go 1.20.5

Kubernetes-commit: c042d6956f70566a81bc29c9af6896fefbf89aae
 2023-06-07 18:35:17 +00:00
Kubernetes Publisher e154c1bd1b Merge pull request #118495 from MadhavJivrajani/cleanup-cacher-testing 
storage: Cleanup cacher testing

Kubernetes-commit: a54748d652ee92eec05d996a16e809281b1ed9fd
 2023-06-07 18:35:15 +00:00
Kubernetes Publisher 3db0a5495f Merge pull request #118531 from MadhavJivrajani/add-madhav-as-storage-layer-reviewer 
storage: Add MadhavJivrajani as reviewer

Kubernetes-commit: 8aeea9c1b818825d3f01afe1c1c5907e6d76c515
 2023-06-07 18:35:14 +00:00
Ben Luddy 302a5c27a6 Ensure timeout test handlers don't complete before timing out. 
TestTimeoutRequestHeaders and TestTimeoutWithLogging are designed to
catch data races on request headers and include an HTTP handler that
triggers timeout then repeatedly mutates request headers. Sometimes,
the request header mutation loop could complete before the timeout
filter observed the timeout, resulting in a test failure. The mutation
loop now runs until the test ends.

Kubernetes-commit: e5a15c87e9d83ee19ba93aa356dfbb7b33a013c8
 2023-06-07 12:48:33 -04:00
Jeremy Rickard 5f576397c4 Update vendor with hack/update-vendor.sh 
Signed-off-by: Jeremy Rickard <jeremyrrickard@gmail.com>

Kubernetes-commit: b1da721bdd711d9f75a57d782c5a33eea7ac35a4
 2023-06-07 08:26:14 -06:00