github-personal/kubernetes
1
0
Fork 0
mirror of https://github.com/outbackdingo/kubernetes.git synced 2026-02-06 09:26:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
131,095 Commits 1 Branch 0 Tags
4eecdc4cc6aa0a35c664bfb7e2188bd2d1c680bb
Commit Graph

1049 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
566d6acb70 Merge pull request #131759 from carlory/clean-volumehost 
Remove unused GetHostIP method
 2025-07-12 05:35:28 -07:00
PatrickLaabs
baf71997f5 chore: depr. pointer pkg replacement for pkg/controller 2025-07-07 13:22:36 +02:00
Kubernetes Prow Robot
f407bd6d24 Merge pull request #132254 from carlory/cleanup-MountContainers 
Cleanup after Alpha feature MountContainers was removed
 2025-06-18 17:24:50 -07:00
Kubernetes Prow Robot
17e20ec9d4 Merge pull request #131281 from googs1025/add_miss_shutdown 
chore: add miss Shutdown call for selinux_warning controller
 2025-06-17 06:18:59 -07:00
Davanum Srinivas
03afe6471b Add a replacement for cmp.Diff using json+go-difflib 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2025-06-16 17:10:42 -04:00
carlory
85bc3cb096 Remove GetExec method from VolumeHost 
Signed-off-by: carlory <baofa.fan@daocloud.io>
 2025-06-13 10:58:37 +08:00
carlory
f0dde38234 Remove pluginName param from GetMounter and GetExec 
Signed-off-by: carlory <baofa.fan@daocloud.io>
 2025-06-12 17:29:17 +08:00
carlory
fe1b1fff7c Remove unused GetHostIP method 2025-05-14 14:50:59 +08:00
Kubernetes Prow Robot
c59203e051 Merge pull request #121967 from torredil/update-logging 
Update log verbosity for node health and taint checks
 2025-04-24 06:22:34 -07:00
googs1025
e8dbfc0b6f add miss Shutdown call for selinux_warning controller 2025-04-14 09:07:51 +08:00
Eddie Torres
c766a52356 Implement KEP 4876 Mutable CSINode (#130007) 
* Implement KEP-4876 Mutable CSINode Allocatable Count

Signed-off-by: torredil <torredil@amazon.com>

* Update TestGetNodeAllocatableUpdatePeriod

Signed-off-by: torredil <torredil@amazon.com>

* Implement CSINodeUpdater

Signed-off-by: torredil <torredil@amazon.com>

* Use sync.Once in csiNodeUpdater

Signed-off-by: torredil <torredil@amazon.com>

* ImVerify driver is installed before running periodic updates

Signed-off-by: torredil <torredil@amazon.com>

* Update NodeAllocatableUpdatePeriodSeconds type comment

Signed-off-by: torredil <torredil@amazon.com>

* Leverage apivalidation.ValidateImmutableField in ValidateCSINodeUpdate

Signed-off-by: torredil <torredil@amazon.com>

* Update strategy functions

Signed-off-by: torredil <torredil@amazon.com>

* Run hack/update-openapi-spec.sh

Signed-off-by: torredil <torredil@amazon.com>

* Update VolumeError.ErrorCode field

Signed-off-by: torredil <torredil@amazon.com>

* CSINodeUpdater improvements

Signed-off-by: torredil <torredil@amazon.com>

* Iron out concurrency in syncDriverUpdater

Signed-off-by: torredil <torredil@amazon.com>

* Run hack/update-openapi-spec.sh

Signed-off-by: torredil <torredil@amazon.com>

* Revise logging

Signed-off-by: torredil <torredil@amazon.com>

* Revise log in VerifyExhaustedResource

Signed-off-by: torredil <torredil@amazon.com>

* Update API validation

Signed-off-by: torredil <torredil@amazon.com>

* Add more code coverage

Signed-off-by: torredil <torredil@amazon.com>

* Fix pull-kubernetes-linter-hints

Signed-off-by: torredil <torredil@amazon.com>

* Update API types documentation

Signed-off-by: torredil <torredil@amazon.com>

* Update strategy and validation for new errorCode field

Signed-off-by: torredil <torredil@amazon.com>

* Update validation tests after strategy changes

Signed-off-by: torredil <torredil@amazon.com>

* Update VA status strategy

Signed-off-by: torredil <torredil@amazon.com>

---------

Signed-off-by: torredil <torredil@amazon.com>
 2025-03-18 12:45:49 -07:00
Kubernetes Prow Robot
df030f3851 Merge pull request #130472 from jsafrane/selinux-controller-ignore-recursive 
selinux: Ignore pods with Recursive policy
 2025-03-03 14:29:56 -08:00
Jan Safranek
052f1fe820 Update tests 2025-02-28 16:42:20 +01:00
carlory
28d359beec promote HonorPVReclaimPolicy to GA 
Signed-off-by: carlory <baofa.fan@daocloud.io>
 2025-02-27 14:01:22 +08:00
Kubernetes Prow Robot
81f03c2f5b Merge pull request #124137 from ratnadeepb/testForceDetachMetric_invoke 
fix: Ensure testForceDetachMetric works on the delta of ForceDetachMetricCounter
 2025-02-25 09:40:29 -08:00
Jan Safranek
eeabc3ac6c selinux: Ignore pods with Recursive policy 
Pod that explicitly opted into "seLinuxChangePolicy: Recursive" should not
report conflicts with another SELinux labels. They will only report a
conflict with other Pods using the same volume with "seLinuxChangePolicy:
Mount" (or nil).
 2025-02-25 16:34:02 +01:00
Jan Safranek
2050d6fc69 selinux: add a new SELinux translator to the controller 
A real SELinuxOptionsToFileLabel function needs access to host's
/etc/selinux to read the defaults. This is not possible in
kube-controller-manager that often runs in a container and does not have
access to /etc on the host. Even if it had, it could run on a different
Linux distro than worker nodes.

Therefore implement a custom SELinuxOptionsToFileLabel that does not
default fields in SELinuxOptions and uses just fields provided by the Pod.

Since the controller cannot default empty SELinux label components,
treat them as incomparable.
Example: "system_u:system_r:container_t:s0:c1,c2" *does not* conflict with ":::s0:c1,c2",
because the node that will run such a Pod may expand "":::s0:c1,c2" to "system_u:system_r:container_t:s0:c1,c2".
However, "system_u:system_r:container_t:s0:c1,c2" *does* conflict with ":::s0:c98,c99".
 2025-02-17 13:32:10 +01:00
Davanum Srinivas
4e05bc20db Linter to ensure go-cmp/cmp is used ONLY in tests 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2025-01-24 20:49:14 -05:00
Patrick Ohly
8a908e0c0b remove import doc comments 
The "// import <path>" comment has been superseded by Go modules.
We don't have to remove them, but doing so has some advantages:

- They are used inconsistently, which is confusing.
- We can then also remove the (currently broken) hack/update-vanity-imports.sh.
- Last but not least, it would be a first step towards avoiding the k8s.io domain.

This commit was generated with
   sed -i -e 's;^package \(.*\) // import.*;package \1;' $(git grep -l '^package.*// import' | grep -v 'vendor/')

Everything was included, except for
   package labels // import k8s.io/kubernetes/pkg/util/labels
because that package is marked as "read-only".
 2024-12-02 16:59:34 +01:00
Jan Safranek
8791efc732 Update property name in metrics 
selinux_volume_conflict should not have space in its label value - it's
harder to query for that value. Use SELinuxLabel as both human friendly (in
an event) and label value.
 2024-11-06 11:16:06 +01:00
Jan Safranek
cf7a2c7d35 Add a comment why PVC indexer is used 2024-11-06 11:16:06 +01:00
Jan Safranek
3ff3ed4b6d Add comment how GetPodsForCSIDriver is useful 2024-11-06 11:16:06 +01:00
Jan Safranek
6eab8a8691 Use RWLock for the controller cache 
It could help a tiny bit with parallel operations.
 2024-11-06 11:16:06 +01:00
Jan Safranek
e6807a8e4f Use _ for unused parameters 
Sometimes the logger is not used. This fixes some linter warnings.
 2024-11-06 11:16:06 +01:00
Jan Safranek
dfb88095b0 Rename label to seLinuxLabel 
In various parameters, variables and fields. To make the name more
obvious.
 2024-11-06 11:16:06 +01:00
Jan Safranek
e438bc0561 Rework event recorder startup 
* Remove Controller.recorder field, there already is eventRecorder.
* Start the event broadcaster in Run(), to save a bit of CPU and memory
  when something initializes the controller, but does not Run() it.
* Log events with log level 3, as the other contollers usually do.
* Use StartStructuredLogging(), which looks fancier than StartLogging
 2024-11-06 11:16:06 +01:00
Jan Safranek
da2d9fa16e Fix golint errors 
Revealed by the new SELinux warning controller, but not related to it.
 2024-11-06 11:16:05 +01:00
Jan Safranek
aa8872d7a3 Add SELinux warning controller 2024-11-06 11:16:02 +01:00
Jan Safranek
0d71dc677e Refactor CreateVolumeSpec 
Rename old CreateVolumeSpec to CreateVolumeSpecWithNodeMigration that
extracts volume.Spec with node specific CSI migration.

Add CreateVolumeSpec that does the same, only without evaluating node CSI
migration.
 2024-11-06 11:15:31 +01:00
Kubernetes Prow Robot
08391b3d27 Merge pull request #123549 from carlory/kep-3751-finalizer 
A new controller adds/removes finalizer to VAC for protection
 2024-11-05 21:45:30 +00:00
Kubernetes Prow Robot
3e66160f30 Merge pull request #107362 from shawnhanx/controller_redundant 
remove redundant return statement in attachdetach/util/util.go
 2024-10-23 01:16:53 +01:00
carlory
4c10212d7b Fix data race in kubelet/volumemanager 2024-10-08 16:39:02 +08:00
Eric Blake
fe5b74b1f8 docs: typo fix in VolumeAttachments 
Fix typo and grammar in comments that get reflected through to the
generated documentation, regarding VolumeAttachments' use of
PersistentVolumes and PersistentVolumeClaims.

Signed-off-by: Eric Blake <eblake@redhat.com>
 2024-09-30 08:37:10 -05:00
Abhishek Kr Srivastav
95860cff1c Fix Go vet errors for master golang 
Co-authored-by: Rajalakshmi-Girish <rajalakshmi.girish1@ibm.com>
Co-authored-by: Abhishek Kr Srivastav <Abhishek.kr.srivastav@ibm.com>
 2024-09-20 12:36:38 +05:30
Joe Betz
2595aa1309 generate 2024-09-03 14:26:26 -04:00
carlory
a9de9a3d07 controller-manager adds a new controller named volumeattributesclass-protection-controller which adds/removes finalizer to VAC for protection 2024-08-30 15:00:46 +08:00
Kubernetes Prow Robot
fd7642cfe4 Merge pull request #126745 from hungnguyen243/pvcScalabilityFix 
Improve PVC protection controller's scalability by batch-processing PVCs by namespace & caching live pod list results [fixed dead loop issue with idle work queue]
 2024-08-27 19:16:57 +01:00
Hung Nguyen
152ab36a33 update error comment 2024-08-26 16:47:39 +00:00
Hung Nguyen
39b6bd1278 address pwschuurman's comments 2024-08-23 18:53:26 +00:00
Kubernetes Prow Robot
113b12c6fb Merge pull request #124439 from bells17/csi-translation-lib-structured-and-contextual-logging 
Migrate k8s.io/csi-translation-lib/.* to structured logging
 2024-08-19 18:13:54 -07:00
Hung Nguyen
f9f8b789ca fix spin loop issue with idle work queue 2024-08-16 18:17:47 +00:00
pwschuurman
dbcbdbf5fb Revert "Improve PVC protection controller's scalability by batch-processing PVCs by namespace & caching live pod list results" 2024-08-15 16:33:11 -07:00
Kubernetes Prow Robot
9d140b136c Merge pull request #125372 from hungnguyen243/pvcScalabilityFix 
Improve PVC protection controller's scalability by batch-processing PVCs by namespace & caching live pod list results
 2024-08-13 18:52:42 -07:00
Hung Nguyen
eb16aa1d4a improve PVC Protection Controller's processing mechanism with sample performance test 2024-08-08 16:57:55 +00:00
Dr. Stefan Schimanski
c7a1fa432a Call non-blocking informerFactory.Start synchronously to avoid races 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-07-27 18:13:09 +02:00
carlory
c4851c64a0 remove volumeoptions from VolumePlugin and BlockVolumePlugin 2024-07-24 14:07:02 +08:00
Kubernetes Prow Robot
107f621462 Merge pull request #126108 from gnufied/changes-volume-recovery 
Reduce state changes when expansion fails and mark certain failures as infeasible
 2024-07-23 13:30:56 -07:00
Drew Sirenko
16c2ad5b84 Add labels to PVCollector bound/unbound PVC metrics for VolumeAttributesClass Feature (#126166) 
* Add labels to PVCollector bound/unbound PVC metrics

* fixup! Add labels to PVCollector bound/unbound PVC metrics

* wip: Fix 'Unknown
    Decorator'

* fixup! Add labels to PVCollector bound/unbound PVC metrics
 2024-07-23 12:21:29 -07:00
Kubernetes Prow Robot
a00181d4d4 Merge pull request #121902 from carlory/kep-3751-pv-controller 
[kep-3751] pvc bind pv with vac
 2024-07-23 11:02:13 -07:00
carlory
3a6a4830df pvc bind pv with vac 2024-07-23 15:04:11 +08:00