The logical navigation definitely works better if Pod Security admission
and PodSecurityPolicy are pages in the same section. Make It So.
Co-authored-by: Rey Lejano <rlejano@gmail.com>
This list appears to name binaries whose configuration flags are documented in this section: [Command Line Tools Reference](/docs/reference/command-line-tools-reference/). Since kube-proxy is an item in that reference, it seems helpful to give it an entry and link here.
Based on the discussion here: https://github.com/kubernetes/kubernetes/pull/97415#discussion_r722548437
we explictly state that the GetCpuIds returned for a ContainerResource in the ListPodResourcesResponse
represent only exclusively allocated CPUs.
In order to evaluate the CPUs corresponding to the shared pool, List endpoint should be used in conjunction
with GetAllocatableResources endpoint. We highlight the steps that the client needs to take evaluate this.
Signed-off-by: Swati Sehgal <swsehgal@redhat.com>
Also, explicitly clarify the behavior of GetAllocatableResources
The explanation that GetAllocatableResources can be used to obtain available resources
on the node can be misinterpretted as an API that is used to obtain free/unallocated
resources on a node.
This PR adds additional text to clarify that this API endpoint only returns
allocatable resources which are resources exposed to kubelet as defined here:
https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/#node-allocatable.
Signed-off-by: Swati Sehgal <swsehgal@redhat.com>
The content describing a declarative API in the custom controller
section of the custom resources doc was confusing:
> A declarative API allows you to declare or specify the desired state
of your resource **and tries to keep the current state of Kubernetes
objects in sync with the desired state**. The controller interprets the
structured data as a record of the user's desired state, and continually
maintains this state.
(emphasis added)
It is not the declarative API that tries to keep the current state of
the objects in sync with the desired state. It's the controller that
does that.
I've reworded this paragraph to hopefully clarify this.
Closes Issue #29348
Signed-off-by: Jay Pipes <jaypipes@gmail.com>
The Service Catalog architecture changed from using api aggregation to CRDs, but the docs still refer to the older architecture using api aggregation.
Couple of changes here:
1. Change the sentence on how Service Catalog is implemented
2. Replace the example for usage of api aggregation from service-catalog to metrics-server. There are multiple implementations that can be linked to(keda, prometheus, datadog,...), but keeping the documentation neutral by pointing to kubernetes-sigs/metrics-server
References:
- Service Catalog [v0.3.0 release notes](https://github.com/kubernetes-sigs/service-catalog/releases/tag/v0.3.0):
> In release 0.3.0, we've focused on replacing the Aggregated API Server with the CustomResourceDefinitions (CRDs) and the Admission Webhook solution.
- Project [README](https://github.com/kubernetes-sigs/service-catalog/pull/2691/files)
> Service Catalog recently switched to a new CRDs-based architecture. The old API Server-based implementation is available on the v0.2 branch. We support this implementation by providing bug fixes until July 2020.
Given 'Aggregated APIs are subordinate API servers that sit behind the primary API server, which acts as a proxy', the comparison table indicates a requirement for the subordinate API servers to use Go, when it is not a requirement as long as the subordinate API server follows the expected contract
This PR fixes two problems. One was introduced by f265aed794
which folded the extend-cluster.md content into section index without
removing the original content. Another problem is that the PNG images
stored on google docs are not accessible by some people from the far end
of the planet.
* Actuallize podresources description
This commit updates description according to
https://github.com/kubernetes/enhancements/pull/1884
Update content/en/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins.md
Signed-off-by: Alexey Perevalov <alexey.perevalov@huawei.com>
Co-authored-by: Tim Bannister <tim@scalefactory.com>
* podresources: document the new feature gate
Signed-off-by: Francesco Romani <fromani@redhat.com>
* device plugins: add clarifications after review
- fix the AllocatableResourcesResponse comment
- describe the NUMA ID and explain the meaning of the field.
Signed-off-by: Francesco Romani <fromani@redhat.com>
Co-authored-by: Alexey Perevalov <alexey.perevalov@huawei.com>
Co-authored-by: Tim Bannister <tim@scalefactory.com>
A few links to the flexVolume documentation do not resolve correctly due
to case sensitivity in the page anchor. This updates those links to
resolve to the correct section of the volumes doc.
Signed-off-by: hasheddan <georgedanielmangum@gmail.com>
The `/var/lib/kubelet/pod-resources/kubelet.sock` is required by device monitoring agent but not device plugin.
This word `plugin` is ambiguous.
plugin -> device monitoring agent
Readers from several different backgrounds will find it useful to know
about how Kubernetes controls access to its API. Promote this overview
to the Security subsection of Concepts.
The [Poseidon
project](https://github.com/kubernetes-sigs/poseidon/commits/master)
is virtually dead:
- No PRs coming in since Dec 2019
- PRs related to code changes date back to April 2019.
By removing this page, we can save folks' effort on localizing the
content, i.e. #22265.
Where an existing Concept section has an index and the first page is
“Overview of X”, move the content of that overview into the index page
itself.
Also, configure redirects accordingly.
From context and general understanding, it looks like this was intended to be "most Kubernetes users will *not* need to
install extensions and fewer will need to author new ones."
* Reword API Server aggregation
* Document custom resources ahead of APIService
CustomResourceDefinition is the newer, shinier and often more
appropriate resource to help with cases where APIService was not a good
fit. Switch order to mention the custom resources page first, which
introduces both APIService and CustomResourceDefinition.
* Consolidate words of caution about Pod network
* Tweak wording
- use tooltips
- fix a TODO hyperlink
- adopt style guidelines
* Revise prerequisites for kubeadm
* Rework page structure
- Replace some headings with anchor elements (preserving inbound links)
- Use a "discussion" section for the discussion part of the page.
- Make Feedback be a part of the What's Next section
- Skip mentioning Docker in a logging context; provide generic
signposting instead.
- Update overview
- Document limitations and fix link to HA topology
- Fixes for styling
* Redo network plugin info
* Use glossary tooltips to introduce terms
* feat: graduate TaintNodesByCondition to GA (#17073)
* Promote StartupProbe to beta (enabled by default). (#17164)
* Watch bookmarks to GA (#17026)
* feat: graduate ScheduleDaemonSetPods to GA (#17350)
* Update Docker installation instructions (#17405)
* Use exact version numbers for installing Docker in Ubuntu (#17428)
* Move CSIMigration and CSIMigrationGCE to Beta in Kubernetes v1.17 (#17478)
* Promote NodeLease feature to GA (#17189)
* Update docs for csi topology ga (#17408)
* Update RunAsUsername to beta (#17460)
* doc:Update RunAsUsername to beta
* doc: update samples - kubernetes.io/os is no longer beta
* Updating based on review feedback
* Promote Node-specific volume limits to GA (#17432)
* Promote PodShareProcessNamespace to stable (#17192)
* Promote PodShareProcessNamespace to stable
* Add for_k8s_version to feature-state label
Co-Authored-By: Tim Bannister <tim@scalefactory.com>
* Readd version-check to shareProcessNamespace task
* Update service load balancer finalizer doc for GA (#17438)
* Update Topology Manager docs (#17451)
* Added information on how device plugins can take advantage
of Topology Manager
* Updated the Topology Manager documentation to include additionalinformation and update some out of date sections
* Fix broken Topology Manager link (#17746)
Part of What's Next Device Plugin section
* Update CRD defaulting docs for GA (#17450)
* Add documentation for VolumeSnapshot Beta (#17233)
* Updating EndpointSlice documentation for beta release in 1.17 (#17411)
* (docs/dualstack): v1.17 updates (#17457)
* Add placehold doc updates for dualstack in 1.17
Signed-off-by: Lachlan Evenson <lachlan.evenson@microsoft.com>
* Add Downward API and /etc/hosts Pod IP validation
Signed-off-by: Lachlan Evenson <lachlan.evenson@microsoft.com>
* remove addressed known issue via k/k pr 85246
Signed-off-by: Lachlan Evenson <lachlan.evenson@microsoft.com>
* Remove known issue and add flag as part of k/k 79993
Signed-off-by: Lachlan Evenson <lachlan.evenson@microsoft.com>
* remove follow up placeholders
Signed-off-by: Lachlan Evenson <lachlan.evenson@microsoft.com>
* Update verbiage
Signed-off-by: Lachlan Evenson <lachlan.evenson@microsoft.com>
* Make IP addressing consistent throughout the task
Signed-off-by: Lachlan Evenson <lachlan.evenson@microsoft.com>
* Update to status.podIPs
Signed-off-by: Lachlan Evenson <lachlan.evenson@microsoft.com>
* Update content/en/docs/tasks/network/validate-dual-stack.md
Use set instead of env
Co-Authored-By: Khaled Henidak (Kal) <khnidk@outlook.com>
* add topology.kubernetes.io/zone, topology.kubernetes.io/region and node.kubernetes.io/instance-type labels to docs (#17498)
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
* Service topology alpha documentation (#17459)
* Update list of feature flags for in-tree plugins migrated to CSI (#17533)
Signed-off-by: Deep Debroy <ddebroy@docker.com>
* Update Node concept for TaintNodesByCondition going GA (#17577)
* feat: graduate ResourceQuotaScopeSelectors to GA in 1.17 (#17554)
* kubeadm: update the upgrade documentation for 1.17 (#17587)
* doc: Simplify Windows deployments with RuntimeClass (#16697)
* doc: Simplify Windows deployments with RuntimeClass
* Updating on review feedback
* doc: Adding windows-build label from enhancement 1301
* update doc for kubelet option --reserved-cpus (#17648)
* feat: update TaintNodesByCondition in feature gates table (#17377)
* Update docs for v1 resource quota configuration (#17547)
* AdmissionConfiguration v1 (#17548)
* Update WebhookAdmissionConfiguration examples (#17549)
* Update AWS EBS Migration Feature state (#16126)
* Add resource version section to api-concepts documentation (#16910)
* Add Resource Version semantics section to api concepts
* Clarify risks of going back in time, add details about compaction and watch cache sizes
* Apply suggestions from liggitt
Co-Authored-By: Jordan Liggitt <jordan@liggitt.net>
* remove pesudocode, apply feedback
* Fix typo
* Clarify equality rules
* Cleanup kubectl generators docs (#17609)
* Write ReplicationController without a space
* Drop mentioning unsupported cluster versions
* Fix capitalization for “API group”
* Tweak wording
* Avoid using deprecated generator in example
* add Antrea description in dev-1.17 (#17919)
* Promote VolumeSubpathEnvExpansion to GA
* Reference Documentation for the Kubernetes API for 1.17 (#18019)
* Update feature-gates.md (#18033)
* Reference Documentation for kubectl Commands for 1.17 (#18017)
* Update for v1.17 (#18034)
* Update config.toml(release-1.17) for 1.17 (#18031)
* Typo, should be extension's instead of extensions
In `Extension Patterns` section, `extensions points` should be `extension's points` as it's trying to say `points` belonging to a particular `extension`.
* Update content/en/docs/concepts/extend-kubernetes/extend-cluster.md
Changed as per tengqm suggestion.
Co-Authored-By: Qiming <tengqim@cn.ibm.com>
Under `Extension Patterns` sections the link for `Flex Volume Plugins` is broken as the `flexvolume.md` file has been moved to new folder `/devel/sig-storage`. Reference commit `ab55d850b8`
Tom Kivlin
Tom Kivlin
Eirik A
Kubernetes Prow Robot
Rey Lejano
Nate W
Tim Bannister
Jakub Piotr Cłapa
Ed Bartosh
Jay Beale
Manish Kumar
Shivam Singhal
Frank Villaro-Dixon
Jesse Butler
Ayushman Mishra
Shubham Kuchhal
Swati Sehgal
Wang
wiggitywhitney
Jay Pipes
deepsan
Christoph Bühler
cezaryzukowski
Artur Zylinski
Ian Driver
Jihoon Seo
Dmitry Shurupov
Pedro Leão da Cruz
Qiming Teng
Francesco Romani
Xiaopeng Han
Karen Bradshaw
chenxuc
Will Hanstedt
hasheddan
baczus
XinYuan
Quinn Slack
drfish
Renaud Gaubert
Qiming Teng
Neha Viswanathan
h4ghhh
Johannes M. Scheuermann
santadasu
Savitha Raghunathan
Anna Jung
TAKAHASHI Shuuji
Ray
Kevin Klues
Jerry Park
Kiyoshi Muranaka
Brandon DeVries
Prasad Katti
Celeste Horgan
Vinicius Barbosa
Ali Mirlou
Enshin Andrey
Andrew Allbright
Sharjeel Aziz
Josh Soref
Xiang Dai
Damini Satya
Luzhenxing
Tanveer Alam
Alexey Pyltsyn
jakowicz
houjun