kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Library for writing a Kubernetes-style API server.
2,391 Commits 30 Branches 1,482 Tags 31 MiB
Go 99.8%
Shell 0.2%
Go to file
Max Leonard Inden 041b1f1718 src/k8s.io/apiserver: Increase cert expiration histogram resolution 
The `certificate_expiration_seconds` histogram measures the remaining
time of client certificates used to authenticate to the API server. It
records the lifetime of received client request certificates in buckets
of 6h, 12h, ..., 1y.

In environments with automated certificate rotation it is not uncommen
to have issued certificates expire in less than the above mentioned
minimum bucket of 6h. In such environments the above histogram is
useless given that every request will be recorded in the first bucket.

This patch increases the histogram resolution by adding a 30m, 1h and 2h
bucket. Prometheus histogram buckets are cummulative, e.g. the 12h
bucket is counting _all_ records with an expiration date lower or equal
to 12h including _all_ requests of the 6h bucket. Thereby this patch
does not break existing monitoring setups.  This histogram is exposed
once per API server, thereby the 3 additional time series do not cause a
cardinality issue.

Kubernetes-commit: f90bbc3d6bfba992831eb216161990eae1098ae5
 		2019-03-01 11:34:38 +01:00
.github delete all duplicate empty blanks 2019-02-22 09:43:51 +08:00
Godeps Merge pull request #74795 from sttts/sttts-kube-openapi-149 2019-03-01 17:41:02 +00:00
pkg src/k8s.io/apiserver: Increase cert expiration histogram resolution 2019-03-01 11:34:38 +01:00
plugin/pkg delete all duplicate empty blanks 2019-02-22 09:43:51 +08:00
vendor Merge pull request #74248 from danielqsj/pdep 2019-02-25 21:39:50 +00:00
.import-restrictions move pkg/auth/user to staging 2017-01-13 13:38:43 -05:00
CONTRIBUTING.md Update deprecated links 2019-02-04 13:28:31 -05:00
LICENSE Add README and LICENSE to staging repos 2017-10-23 16:39:02 +05:30
OWNERS Add server-side apply members on some apiserver OWNERS 2019-02-08 16:10:25 -08:00
README.md delete all duplicate empty blanks 2019-02-22 09:43:51 +08:00
SECURITY_CONTACTS add PST to main SECURITY_CONTACTS as formality 2018-05-24 09:33:43 -04:00
code-of-conduct.md Add code-of-conduct.md to staging repos 2017-12-20 15:21:56 -05:00

README.md

apiserver

Generic library for building a Kubernetes aggregated API server.

Purpose

This library contains code to create Kubernetes aggregation server complete with delegated authentication and authorization, kubectl compatible discovery information, optional admission chain, and versioned types. It's first consumers are k8s.io/kubernetes, k8s.io/kube-aggregator, and github.com/kubernetes-incubator/service-catalog.

Compatibility

There are NO compatibility guarantees for this repository, yet. It is in direct support of Kubernetes, so branches will track Kubernetes and be compatible with that repo. As we more cleanly separate the layers, we will review the compatibility guarantee. We have a goal to make this easier to use in the future.

Where does it come from?

apiserver is synced from https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apiserver. Code changes are made in that location, merged into k8s.io/kubernetes and later synced here.

Things you should NOT do

  1. Directly modify any files under pkg in this repo. Those are driven from k8s.io/kubernetes/staging/src/k8s.io/apiserver.
  2. Expect compatibility. This repo is changing quickly in direct support of Kubernetes and the API isn't yet stable enough for API guarantees.