Commit graph

13095 commits

Author SHA1 Message Date
Kubernetes Prow Robot
d73c1818e9
Merge pull request #132620 from tchap/kcm-clean-termination
kube-controller-manager: Refactor leader election management to prepare for releasing lock on exit
2026-03-13 03:49:38 +05:30
Kubernetes Prow Robot
4e2bbc78bf
Merge pull request #137170 from pohly/dra-device-taints-beta
DRA device taints: graduate to beta
2026-03-13 00:13:38 +05:30
Patrick Ohly
566dc7f3f3 DRA device taints: graduate to beta
The fields become beta, enabled by default. DeviceTaintRule gets
added to the v1beta2 API, but support for it must remain off by default
because that API group is also off by default.

The v1beta1 API is left unchanged. No-one should be using it
anymore (deprecated in 1.33, could be removed now if it wasn't for
reading old objects and version emulation).

To achieve consistent validation, declarative validation must be enabled also
for v1alpha3 (was already enabled for other versions). Otherwise,
TestVersionedValidationByFuzzing fails:

    --- FAIL: TestVersionedValidationByFuzzing (0.09s)
        --- FAIL: TestVersionedValidationByFuzzing/resource.k8s.io/v1beta2,_Kind=DeviceTaintRule (0.00s)
            validation_test.go:109: different error count (0 vs. 1)
                resource.k8s.io/v1alpha3: <no errors>
                resource.k8s.io/v1beta2: "spec.taint.effect: Unsupported value: \"幤HxÒQP¹¬永唂ȳ垞ş]嘨鶊\": supported values: \"NoExecute\", \"NoSchedule\", \"None\""
            ...
2026-03-12 18:26:02 +01:00
Ondra Kupka
8ddefcf4b3 kcm: Prepare leader election for release on exit
Refactor KCM so that it's ready to turn on releasing leader election
exit easily.
2026-03-12 16:27:35 +01:00
Kubernetes Prow Robot
1a75abd5b5
Merge pull request #137102 from sivchari/kubeadm-ca-cert-summary
kubeadm: print CA certificate summary during join discovery
2026-03-12 09:09:33 +05:30
Kubernetes Prow Robot
0909c60df9
Merge pull request #137605 from pacoxu/coredns-1.14.2
bump coredns to v1.14.2
2026-03-12 06:09:55 +05:30
Kubernetes Prow Robot
c232632ac5
Merge pull request #137213 from Jefftree/leak-fix
Fix FSWatcher goroutine leak by adding ctx to Run()
2026-03-12 06:09:42 +05:30
Kubernetes Prow Robot
b16838370b
Merge pull request #136044 from SergeyKanzhelev/versioninconfigz
added API Version and Kind in /configz serailized objects
2026-03-11 15:09:36 +05:30
Kubernetes Prow Robot
38940f0222
Merge pull request #135297 from michaelasp/svmUpdateCRD
Remove CRD stored versions from status upon SVM migration
2026-03-11 08:03:09 +05:30
Michael Aspinwall
d274e05cc9 Remove CRD stored versions from status upon SVM migration 2026-03-11 00:50:27 +00:00
Sergey Kanzhelev
4396474b0b integration tests for configz endpoints 2026-03-11 00:25:32 +00:00
Kubernetes Prow Robot
0873aca240
Merge pull request #137402 from Nordix/fix-ipv6-support-check
fix(kube-proxy): fix IPv6 support check for Linux
2026-03-11 03:03:33 +05:30
Kubernetes Prow Robot
bfb362c575
Merge pull request #137466 from richabanker/nh-scheduler
Enable native histograms gated by feature flag in scheduler
2026-03-10 23:03:11 +05:30
Paco Xu
ed316226d2 bump coredns to v1.14.2 for kubeadm and cluster/ 2026-03-10 17:44:14 +08:00
Antoni Zawodny
3f094dc228
Create Workload API v1alpha2 (#136976)
* Drop WorkloadRef field and introduce SchedulingGroup field in Pod API

* Introduce v1alpha2 Workload and PodGroup APIs, drop v1alpha1 Workload API

Co-authored-by: yongruilin <yongrlin@outlook.com>

* Run hack/update-codegen.sh

* Adjust kube-scheduler code and integration tests to v1alpha2 API

* Drop v1alpha1 scheduling API group and run make update

---------

Co-authored-by: yongruilin <yongrlin@outlook.com>
2026-03-10 07:59:10 +05:30
Richa Banker
07705a5de7 Enable native histograms in scheduler gated by feature flag 2026-03-09 16:36:05 -07:00
Sergey Kanzhelev
1d4776ce85 Require configz to be external versioned runtime.Object 2026-03-06 18:41:11 +00:00
Wei Fu
2634261c17 cmd/kubeadm: ignore EINVAL error during unmount
If /var/lib/kubelet is MS_SHARED mountpoint, all the mountpoints
under /var/lib/kubelet will have duplicate one. When `kubeadm reset -f`
is executed, it will try to umount one path twice. However, they are in
the peer group. Once we umount one path, the duplicate one will be
umounted as well. So, in this case, we should ignore EINVAL error.

Signed-off-by: Wei Fu <fuweid89@gmail.com>
2026-03-06 11:50:42 -05:00
Kubernetes Prow Robot
e56063a600
Merge pull request #131774 from sivchari/use-embed
kubeadm: Use go:embed for readability
2026-03-06 20:00:22 +05:30
sivchari
68d7b79527
kubeadm: Use go:embed for readability
Migrate test fixtures to use go:embed for improved readability
and maintainability across kubeadm test files.

Signed-off-by: sivchari <shibuuuu5@gmail.com>
2026-03-06 21:03:09 +09:00
Tero Kauppinen
8cdc61b924
fix(kube-proxy): fix IPv6 support check for Linux
The current Linux implementation checks whether a node supports
IPv6 by testing for the presence of '/proc/net/if_inet6'. However,
that check does not confirm that IPv6 support is actually enabled.
As a result, kube-proxy can incorrectly enable dual‑stack support
on nodes that do not have IPv6 enabled.

The possibility to disable IPv6 support has existed since
Linux kernel v2.6.27.

Update the IPv6 support check to also consider the contents of
'/proc/sys/net/ipv6/conf/all/disable_ipv6'.

Signed-off-by: Tero Kauppinen <tero.kauppinen@est.tech>
2026-03-06 13:14:32 +02:00
sivchari
7246d1d406
kubeadm: print CA certificate summary during join discovery
Add CA certificate information display when running kubeadm join
with verbosity level 1 (--v=1). This helps users verify the cluster
CA certificate during the join process.

The output includes:
- Subject and Issuer
- Serial number
- NotBefore and NotAfter dates
- Signature and PublicKey algorithms
- Public key hash (SHA256)

Changes:
- Reorganize For() to print CA cert info after auth validation
- Add getCACertFromKubeconfig() helper function
- Add formatCACertInfo() helper function
- Add unit tests for the new helper functions

Signed-off-by: sivchari <shibuuuu5@gmail.com>
2026-03-06 16:25:33 +09:00
Harshal Neelkamal
40d8705d28 Introduce a kubelet-server configuration that allows reloading ClientCA in TLSConfig 2026-03-05 02:04:08 +00:00
Kubernetes Prow Robot
90e75ac8cf
Merge pull request #136815 from atombrella/feature/slices_contains_cmd_kubelet
Use for-range in `cmd/{kubelet,kubeadm,kubemark}`
2026-03-03 13:31:28 +05:30
Paco Xu
a542dc586a kubeadm: do not add learner member to etcd client endpoints 2026-02-26 10:36:38 +08:00
Jefftree
fc53227b90 Fix FSWatcher goroutine leak by adding ctx to Run()
FSWatcher.Run() spawned a goroutine with no exit mechanism, causing a
goroutine leak. Add a ctx context.Context parameter to Run() so the
goroutine can exit cleanly when the context is canceled, and
defer-close the underlying fsnotify watcher on exit.

For kube-proxy, the existing ctx from runLoop() is passed directly.
For the flexvolume prober, ctx is stored in flexVolumeProber at
construction time via GetDynamicPluginProber(), representing the
component lifetime (kubelet/controller-manager), which is the
appropriate scope for this long-running watcher.
2026-02-23 21:30:34 -05:00
Kubernetes Prow Robot
ab1a549116
Merge pull request #137124 from Helion55/remove_data_test.go_files
Cleanup: Remove data_test.go files from kubeadm phases
2026-02-22 17:23:38 +05:30
Rakesh Bajpayee
66c6098ddb moved data_test.go file contents to data.go file of kubeadm phases
updated code with new line
2026-02-20 23:18:30 +05:30
Kubernetes Prow Robot
8812ec563c
Merge pull request #134353 from skitt/drop-string-slice
Deprecate obsolete slice utility functions
2026-02-20 00:57:41 +05:30
joshjms
7c54689847
etcd: update etcd image to v3.6.8
Signed-off-by: joshjms <joshjms1607@gmail.com>
2026-02-18 21:29:56 +08:00
Stephen Kitt
d42d1e3d1f
Deprecate obsolete slice utility functions
... and update users to use standard library functions.

Signed-off-by: Stephen Kitt <skitt@redhat.com>
2026-02-16 10:04:33 +01:00
Kubernetes Prow Robot
5b63a8c68e
Merge pull request #136921 from dims/dump-from-utils
Move dump package from apimachinery to k8s.io/utils
2026-02-12 22:28:10 +05:30
Davanum Srinivas
550cc8645b
Move dump package from apimachinery to k8s.io/utils
Replace all imports of k8s.io/apimachinery/pkg/util/dump with
k8s.io/utils/dump across the repo. The apimachinery dump package
now contains deprecated wrapper functions that delegate to
k8s.io/utils/dump for backwards compatibility.

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2026-02-12 07:34:19 -05:00
Mads Jensen
2ac7de24d0 Fix also forvar in cmd/kubeadm 2026-02-11 09:37:17 +01:00
Mads Jensen
d137915f1d Use for-range in cmd/{kubelet,kubeadm}
Fixed using the modernize tool. These were the only instances under
cmd/
2026-02-11 09:37:12 +01:00
Kubernetes Prow Robot
90a76aaa9a
Merge pull request #136846 from carlory/update-cri-losing-support
kubelet: defer the configurations flags (and the related fallback behavior) deprecation removal timeline from 1.36 to 1.37 to align with containerd v1.7 support
2026-02-11 09:26:15 +05:30
Kubernetes Prow Robot
467099411d
Merge pull request #136898 from carlory/kubeadm-ContainerRuntimeVersion-1-37
kubeadm:  bump the version in the ContainerRuntimeVersionCheck warning message from 1.36 to 1.37
2026-02-10 14:48:18 +05:30
carlory
8eb3b65222
kubeadm: the preflight check ContainerRuntimeVersion validates if the installed container runtime supports the RuntimeConfig gRPC method. For older kubelet versions than 1.37, it will return a preflight warning.
Signed-off-by: carlory <baofa.fan@daocloud.io>
2026-02-10 10:30:12 +08:00
Lubomir I. Ivanov
aa082ab174
Revert "kubeadm: switch tests to NewClientset" 2026-02-09 20:28:21 +02:00
Kubernetes Prow Robot
a39c8201e9
Merge pull request #136423 from neolit123/1.36-remove-flex-volume-support-from-kubeadm
kubeadm: removed the built-in flex volume support
2026-02-09 14:07:21 +05:30
carlory
bd31a168fd kubelet: defer the configurations flags (and the related fallback behavior) deprecation removal timeline from 1.36 to 1.37 to align with containerd v1.7 support
Signed-off-by: carlory <baofa.fan@daocloud.io>
2026-02-09 10:39:17 +08:00
Kubernetes Prow Robot
8972957668
Merge pull request #135782 from richabanker/fifo-identity-metric
Add identifier-based queue depth metrics for RealFIFO
2026-02-06 07:34:29 +05:30
Kubernetes Prow Robot
da9e038713
Merge pull request #133845 from rbiamru/clarify-cpucfsquotaperiod
Clarify CPUCFSQuotaPeriod config vs CustomCPUCFSQuotaPeriod feature gate
2026-02-06 06:22:29 +05:30
Richa Banker
7ffcacbf9e Wire informer name through kube-controller-manager shared informers 2026-02-05 11:45:47 -08:00
Kubernetes Prow Robot
2ad7178741
Merge pull request #136522 from hoteye/kubelet-contextual-core
kubelet: migrate core sync path to contextual logging
2026-02-03 02:18:26 +05:30
xin.li
1713d43d13 update coredns to 1.14.1
Signed-off-by: xin.li <xin.li@daocloud.io>
2026-01-29 13:56:47 +08:00
xin.li
4823e1fade Update CoreDNS to v1.14.0
Signed-off-by: xin.li <xin.li@daocloud.io>
2026-01-29 13:56:47 +08:00
hoteye
f684d90648 kubelet: migrate core sync path to contextual logging 2026-01-28 09:07:31 +08:00
Neeraj Krishna Gopalakrishna
001dcf63ba Add test and doc for processing all the sub-directories in drop-in folder 2026-01-23 21:58:31 +05:30
Kubernetes Prow Robot
a46ff14f97
Merge pull request #136089 from ngopalak-redhat/ngopalak/config-dir
Improve logging, doc and test for kubelet config-dir file extension
2026-01-23 18:57:31 +05:30