diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 1008131f0..82817ff6a 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -10,8 +10,7 @@ jobs: name: Build & Release runs-on: [ubuntu-latest] env: - DRONE_TAG: v1.19.10+k8e1 - GOLANG: golang:1.16.2-alpine3.12 + DRONE_TAG: v1.19.11+k8e1 steps: - name: Set up Go 1.x uses: actions/setup-go@v2 diff --git a/Dockerfile.dapper b/Dockerfile.dapper index f692d8256..ddad14e35 100644 --- a/Dockerfile.dapper +++ b/Dockerfile.dapper @@ -1,4 +1,4 @@ -ARG GOLANG=golang:1.15.10-alpine3.12 +ARG GOLANG=golang:1.15.12-alpine3.12 FROM ${GOLANG} ARG http_proxy=$http_proxy @@ -29,7 +29,7 @@ RUN GO111MODULE=on GOPROXY=https://goproxy.io,direct go get golang.org/x/tools/g RUN rm -rf /go/src /go/pkg RUN if [ "$(go env GOARCH)" = "amd64" ]; then \ - curl -sL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.38.0; \ + curl -sL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.40.0; \ fi ENV YQ_URL=https://github.com/mikefarah/yq/releases/download/v4.6.2/yq_linux diff --git a/go.mod b/go.mod index c5e47fd31..118fda486 100644 --- a/go.mod +++ b/go.mod @@ -23,8 +23,10 @@ replace ( github.com/juju/errors => github.com/k3s-io/nocode v0.0.0-20200630202308-cb097102c09f github.com/kubernetes-sigs/cri-tools => github.com/xiaods/cri-tools v1.19.0-k8e1 github.com/matryer/moq => github.com/rancher/moq v0.0.0-20190404221404-ee5226d43009 + // LOOK TO hack/download FOR THE VERSION OF runc THAT WE ARE BUILDING/SHIPPING github.com/opencontainers/runc => github.com/opencontainers/runc v1.0.0-rc92 github.com/opencontainers/runtime-spec => github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6 + github.com/rancher/k3s/pkg/data => ./pkg/data go.etcd.io/etcd => github.com/k3s-io/etcd v0.5.0-alpha.5.0.20201208200253-50621aee4aea golang.org/x/crypto => golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0 golang.org/x/net => golang.org/x/net v0.0.0-20201110031124-69a78807bb2b @@ -32,31 +34,31 @@ replace ( google.golang.org/genproto => google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63 google.golang.org/grpc => google.golang.org/grpc v1.27.1 gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 - k8s.io/api => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.19.10-k3s1 - k8s.io/apiextensions-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.19.10-k3s1 - k8s.io/apimachinery => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.19.10-k3s1 - k8s.io/apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.19.10-k3s1 - k8s.io/cli-runtime => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.19.10-k3s1 - k8s.io/client-go => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.19.10-k3s1 - k8s.io/cloud-provider => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.19.10-k3s1 - k8s.io/cluster-bootstrap => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.19.10-k3s1 - k8s.io/code-generator => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.19.10-k3s1 - k8s.io/component-base => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.19.10-k3s1 - k8s.io/cri-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.19.10-k3s1 - k8s.io/csi-translation-lib => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.19.10-k3s1 - k8s.io/kube-aggregator => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.19.10-k3s1 - k8s.io/kube-controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.19.10-k3s1 - k8s.io/kube-proxy => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.19.10-k3s1 - k8s.io/kube-scheduler => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.19.10-k3s1 - k8s.io/kubectl => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.19.10-k3s1 - k8s.io/kubelet => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.19.10-k3s1 - k8s.io/kubernetes => github.com/k3s-io/kubernetes v1.19.10-k3s1 - k8s.io/legacy-cloud-providers => github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.19.10-k3s1 - k8s.io/metrics => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.19.10-k3s1 - k8s.io/node-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/node-api v1.19.10-k3s1 - k8s.io/sample-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.19.10-k3s1 - k8s.io/sample-cli-plugin => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-cli-plugin v1.19.10-k3s1 - k8s.io/sample-controller => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-controller v1.19.10-k3s1 + k8s.io/api => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.19.11-k3s1 + k8s.io/apiextensions-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.19.11-k3s1 + k8s.io/apimachinery => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.19.11-k3s1 + k8s.io/apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.19.11-k3s1 + k8s.io/cli-runtime => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.19.11-k3s1 + k8s.io/client-go => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.19.11-k3s1 + k8s.io/cloud-provider => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.19.11-k3s1 + k8s.io/cluster-bootstrap => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.19.11-k3s1 + k8s.io/code-generator => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.19.11-k3s1 + k8s.io/component-base => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.19.11-k3s1 + k8s.io/cri-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.19.11-k3s1 + k8s.io/csi-translation-lib => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.19.11-k3s1 + k8s.io/kube-aggregator => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.19.11-k3s1 + k8s.io/kube-controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.19.11-k3s1 + k8s.io/kube-proxy => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.19.11-k3s1 + k8s.io/kube-scheduler => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.19.11-k3s1 + k8s.io/kubectl => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.19.11-k3s1 + k8s.io/kubelet => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.19.11-k3s1 + k8s.io/kubernetes => github.com/k3s-io/kubernetes v1.19.11-k3s1 + k8s.io/legacy-cloud-providers => github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.19.11-k3s1 + k8s.io/metrics => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.19.11-k3s1 + k8s.io/node-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/node-api v1.19.11-k3s1 + k8s.io/sample-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.19.11-k3s1 + k8s.io/sample-cli-plugin => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-cli-plugin v1.19.11-k3s1 + k8s.io/sample-controller => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-controller v1.19.11-k3s1 mvdan.cc/unparam => mvdan.cc/unparam v0.0.0-20190209190245-fbb59629db34 ) @@ -73,6 +75,7 @@ require ( github.com/frankban/quicktest v1.10.2 // indirect github.com/go-bindata/go-bindata v3.1.2+incompatible github.com/go-sql-driver/mysql v1.4.1 + github.com/google/cadvisor v0.37.5 github.com/google/tcpproxy v0.0.0-20180808230851-dfa16c61dad2 github.com/google/uuid v1.1.1 github.com/gorilla/mux v1.7.4 @@ -86,6 +89,7 @@ require ( github.com/minio/minio-go/v7 v7.0.7 github.com/morikuni/aec v1.0.0 github.com/natefinch/lumberjack v2.0.0+incompatible + // LOOK TO hack/download FOR THE VERSION OF runc THAT WE ARE BUILDING/SHIPPING github.com/opencontainers/runc v1.0.0-rc92 github.com/opencontainers/selinux v1.6.0 github.com/pierrec/lz4 v2.5.2+incompatible @@ -107,14 +111,15 @@ require ( golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57 google.golang.org/grpc v1.31.1 gopkg.in/yaml.v2 v2.3.0 - k8s.io/api v0.19.0 - k8s.io/apimachinery v0.19.0 - k8s.io/apiserver v0.19.0 + k8s.io/api v0.19.11 + k8s.io/apimachinery v0.19.11 + k8s.io/apiserver v0.19.11 k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible - k8s.io/cloud-provider v0.0.0 - k8s.io/component-base v0.19.0 - k8s.io/cri-api v0.19.0 + k8s.io/cloud-provider v0.19.11 + k8s.io/component-base v0.19.11 + k8s.io/cri-api v0.19.11 k8s.io/klog v1.0.0 - k8s.io/kubernetes v1.19.10 + k8s.io/kubernetes v1.19.11 + k8s.io/utils v0.0.0-20200729134348-d5654de09c73 sigs.k8s.io/yaml v1.2.0 ) diff --git a/go.sum b/go.sum index 51dd69edf..e1e1e401d 100644 --- a/go.sum +++ b/go.sum @@ -499,49 +499,49 @@ github.com/k3s-io/helm-controller v0.8.3 h1:GWxavyMz7Bw2ClxH5okkeOL8o5U6IBK7uauc github.com/k3s-io/helm-controller v0.8.3/go.mod h1:nZP8FH3KZrNNUf5r+SwwiMR63HS6lxdHdpHijgPfF74= github.com/k3s-io/kine v0.6.0 h1:4l7wjgCxb2oD+7Hyf3xIhkGd/6s1sXpRFdQiyy+7Ki8= github.com/k3s-io/kine v0.6.0/go.mod h1:rzCs93+rQHZGOiewMd84PDrER92QeZ6eeHbWkfEy4+w= -github.com/k3s-io/kubernetes v1.19.10-k3s1 h1:6MeGGJ9kV8xsFRewpuZ3MzvRUmWkpp90u0aZ0nuQm7Q= -github.com/k3s-io/kubernetes v1.19.10-k3s1/go.mod h1:f09eWYx+kAUzGrdf+qSQElQ1+HgCsN/ezDXq/XWyaOM= -github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.19.10-k3s1 h1:ZH0SyuZrIlS7MLhaFOvBLVCwOx/aEowwdnYNRdQtvXs= -github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.19.10-k3s1/go.mod h1:UcjwtWbtWvJiBBYsrqZFSZyK9yfDQvyyOaitZREMNNI= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.19.10-k3s1 h1:5pytyyYTEBtUcG6rJXIZg4ntN3WXo6SZmupr9ZhepKM= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.19.10-k3s1/go.mod h1:WgS2vy/M8pNm2Ym++3tDRbJprDEFUJ/eqkzdSHS5j+8= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.19.10-k3s1 h1:wAbxbdnt0HMwt+b0FSTy47ijPi3iPFVltlv9GggTzuc= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.19.10-k3s1/go.mod h1:fFlII/qsnIeSHWpdggx7In5YXa1QiB6eWf0DJ53rBHc= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.19.10-k3s1 h1:1N6z88af8kyAbtEa6MeBfaOx0c/dw0X/7lTJ+yW8b6Y= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.19.10-k3s1/go.mod h1:nkdU9Z48IXbnuyt0q2hr/2Bf8tlOGOjGcKhuAKmjINQ= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.19.10-k3s1 h1:KU7BLzlFuPr+B/n9oiSHFk/cn9ieD64DhYwdSxabKlQ= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.19.10-k3s1/go.mod h1:twd45pbv7psOvyGxI8eABhpeoXWW3bCX6aB5NVS6TXs= -github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.19.10-k3s1 h1:bR2f/bsB8kL9tXZE4gYlvOjnu2AMmlvpH+S8D+Itenc= -github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.19.10-k3s1/go.mod h1:mFyJ7Q7VaffgOf2fBYWE3u6tI6ORgNH3y86VrIPy++Y= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.19.10-k3s1 h1:H4WXTd8pPje0ZgoUER8gcU/FJbOvOcuxQk4wLBTJxw4= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.19.10-k3s1/go.mod h1:vXBe7m69RSxIR/m6bm820O+WYUJHP9OXtEyTZf3twRo= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.19.10-k3s1 h1:wrf1RHTvj43MSoW7mILvIM1InUGinGArWUcX3nZtds0= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.19.10-k3s1/go.mod h1:kEUR4nHaGTacDcHrY2P4IriUdykXxPuwBg7picxa+gk= -github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.19.10-k3s1 h1:QjjKXpCCEl/tJ6J/v6pMbfvnnk1wBcnNiRxtjAGIFgc= -github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.19.10-k3s1/go.mod h1:ybBf1oAbFmYzk+mZE78A7W5GStT+ypahDaWnjlHrkGQ= -github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.19.10-k3s1 h1:zQiE5BGCu3Sckg7GrKqKq6ZbVh4zOjBq5sQk8+fpDIk= -github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.19.10-k3s1/go.mod h1:jR+bJp7erYNUmcS7lWDm404aFVonltWE56LV8CuqKyg= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.19.10-k3s1 h1:2wRU9HwguBL4CGbTwydtmWZUFZYFbRC539xkHodrf+I= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.19.10-k3s1/go.mod h1:u/3V4xqf6jIp7eOZRZwzmiXUsRTt+XoKjivv6O9gZAg= -github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.19.10-k3s1 h1:zBLHIy6lNtU2NIOt1CWx2Ve4maZ7t/RbT9juoZC25xM= -github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.19.10-k3s1/go.mod h1:adA9bBHXD+K7tPn7kTpjQ3VcUzK6PFgAdNEofr4fEx4= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.19.10-k3s1 h1:TI4zcyxwbcPwFPsd4B+k6AISyqAQfTjMJTthjiIkphU= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.19.10-k3s1/go.mod h1:s5+c+ujL0WM82kzxP4CedFV+vn31pD7WJRM9+GYTk7Q= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.19.10-k3s1 h1:T8m6UhD0YwOLaYxzZi2vg3SutJ1ISTDWIM/1cg4N+gU= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.19.10-k3s1/go.mod h1:6CzB8GMVD+ZlCXZjHiqccHpC9FFlRTCz+rHd176Lxfc= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.19.10-k3s1 h1:nGqCEgaPjlH8lh1S2OHTkoZeISj+5ZryLRXhcf75WUE= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.19.10-k3s1/go.mod h1:PWMBqO9xuXWJS8REJ8QWiouJzbiOwVVVT81ZTwYb2Nk= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.19.10-k3s1 h1:TB0+Oe2O4NsH9FRObshkkBmH65lQimoVVfY/eHOnp1c= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.19.10-k3s1/go.mod h1:23iT4D9thFRxYGZ9DOa7zQ4ZyrFHyp+Bz5dXiruHNwI= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.19.10-k3s1 h1:EVtXj0h+WI1CaUczMqX6PeIP8qcZ2fXAjEMVfFEclac= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.19.10-k3s1/go.mod h1:UBqQ69FVXyP8Wpzo+Ni5LUZhwjzJCPSb+6eG8naeDKM= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.19.10-k3s1 h1:hWaSbpyiVhWbEKD9lZuT+ejJsoqtjfUo3xdGVDEY9sQ= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.19.10-k3s1/go.mod h1:fuR1PhKU79SVjnVW43hQGrj6FKfNEZQ3iFU0IZCYFbY= -github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.19.10-k3s1 h1:wIqIjD5YAtdsJso+ID346vb/dYWj32NuLEt6Nj9c2I4= -github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.19.10-k3s1/go.mod h1:iv4u51XYDkRdyvp7BBP+KuQ+ZHjEjoCECFVzMJBDGZA= -github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.19.10-k3s1 h1:/LPcQkdOF9TyAGjjtllH9J8E6g+glF75hjY2w1QmVXg= -github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.19.10-k3s1/go.mod h1:6b8BmSxdcCMv3dXmS5BWv5biBmAX9BLmylPttQ0T+iM= -github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.19.10-k3s1/go.mod h1:tl3x2SPSVsIqnioD4z87jXFemilbRh1EYDm3KirMsjI= +github.com/k3s-io/kubernetes v1.19.11-k3s1 h1:wh8dOPRj90pz4CSceVPioiS33bG1fgF+zZfCQ1klINQ= +github.com/k3s-io/kubernetes v1.19.11-k3s1/go.mod h1:f09eWYx+kAUzGrdf+qSQElQ1+HgCsN/ezDXq/XWyaOM= +github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.19.11-k3s1 h1:GWydvn8vKQYRnuNK80NPaehTDdA9C/4cGsbgGG6qqw4= +github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.19.11-k3s1/go.mod h1:UcjwtWbtWvJiBBYsrqZFSZyK9yfDQvyyOaitZREMNNI= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.19.11-k3s1 h1:Lt6xWgdt7jnW8xguRfy8izlvYB99Za408z/XWLfmsM4= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.19.11-k3s1/go.mod h1:WgS2vy/M8pNm2Ym++3tDRbJprDEFUJ/eqkzdSHS5j+8= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.19.11-k3s1 h1:AKPnk5XQIZUWGFVtQmhObqP+On/B28NHybf+jR3oUYM= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.19.11-k3s1/go.mod h1:fFlII/qsnIeSHWpdggx7In5YXa1QiB6eWf0DJ53rBHc= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.19.11-k3s1 h1:TBFcEcDfPN9ij6Ec/5+yb19PQJ59MAImRVaotkNFtjU= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.19.11-k3s1/go.mod h1:nkdU9Z48IXbnuyt0q2hr/2Bf8tlOGOjGcKhuAKmjINQ= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.19.11-k3s1 h1:ImQK+cFNoa3niaB/pIdyXi4HhhjK4zxyQb7XxCAK0mo= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.19.11-k3s1/go.mod h1:twd45pbv7psOvyGxI8eABhpeoXWW3bCX6aB5NVS6TXs= +github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.19.11-k3s1 h1:AklDo9MA7/x/tF3a1INsIzpBQOzaNX0HhyAq5L73JWs= +github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.19.11-k3s1/go.mod h1:mFyJ7Q7VaffgOf2fBYWE3u6tI6ORgNH3y86VrIPy++Y= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.19.11-k3s1 h1:Cg0DeajLKQAD944gkm41SnFEyJx9N2DogXKkLLMbTbo= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.19.11-k3s1/go.mod h1:vXBe7m69RSxIR/m6bm820O+WYUJHP9OXtEyTZf3twRo= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.19.11-k3s1 h1:Vs8M/DQjxwTSJ+YZSfOhaZLOo2yryHV9oj9mk9ifDYk= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.19.11-k3s1/go.mod h1:kEUR4nHaGTacDcHrY2P4IriUdykXxPuwBg7picxa+gk= +github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.19.11-k3s1 h1:p6PRHDQEWsa7bwuDL/rgvyp+pIIEtKCAumwNAU/2Qt8= +github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.19.11-k3s1/go.mod h1:ybBf1oAbFmYzk+mZE78A7W5GStT+ypahDaWnjlHrkGQ= +github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.19.11-k3s1 h1:g4PcSHXVhBcTMXuUZ9ZhFIpyMeBd205ugvXOJkuVBDI= +github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.19.11-k3s1/go.mod h1:jR+bJp7erYNUmcS7lWDm404aFVonltWE56LV8CuqKyg= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.19.11-k3s1 h1:pcD6uv47AwChUEcp602BmZcWFrt4kaJVcuPFkw5Z8wM= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.19.11-k3s1/go.mod h1:u/3V4xqf6jIp7eOZRZwzmiXUsRTt+XoKjivv6O9gZAg= +github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.19.11-k3s1 h1:nj2KFKDlEdmzOXx3ZG0BhOqG3S8Jn1WyY7mxYog2FYg= +github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.19.11-k3s1/go.mod h1:adA9bBHXD+K7tPn7kTpjQ3VcUzK6PFgAdNEofr4fEx4= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.19.11-k3s1 h1:Bl/JPt/V8Fya1c/Ao1XS7QYEJefr4d8V7Hcs5/135kg= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.19.11-k3s1/go.mod h1:s5+c+ujL0WM82kzxP4CedFV+vn31pD7WJRM9+GYTk7Q= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.19.11-k3s1 h1:Ol3Y4dgv2gQAzn7p8MNyEc9Jf75G0imdy6UoZtITdks= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.19.11-k3s1/go.mod h1:6CzB8GMVD+ZlCXZjHiqccHpC9FFlRTCz+rHd176Lxfc= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.19.11-k3s1 h1:W021QyBU3mMwmKfk6scAjVINHn6vSVmGBMJt0+oFdi4= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.19.11-k3s1/go.mod h1:PWMBqO9xuXWJS8REJ8QWiouJzbiOwVVVT81ZTwYb2Nk= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.19.11-k3s1 h1:/VEcpnMwi8zyh7H7OjSSkho0S5uwjtExXAXTvkOzkBM= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.19.11-k3s1/go.mod h1:23iT4D9thFRxYGZ9DOa7zQ4ZyrFHyp+Bz5dXiruHNwI= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.19.11-k3s1 h1:77cYDcx3zF/F9sfvldoHR04YhNcNSupMXqTg5/7h6TM= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.19.11-k3s1/go.mod h1:UBqQ69FVXyP8Wpzo+Ni5LUZhwjzJCPSb+6eG8naeDKM= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.19.11-k3s1 h1:gSG3sr5+mC3QUrQD3uqr5sqw8oIm93hcDB4rL/Jw04c= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.19.11-k3s1/go.mod h1:fuR1PhKU79SVjnVW43hQGrj6FKfNEZQ3iFU0IZCYFbY= +github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.19.11-k3s1 h1:2Pp+lTS+ByJFXNbwjUxLjwGEmj4eAMLc/zxWv60tQeE= +github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.19.11-k3s1/go.mod h1:iv4u51XYDkRdyvp7BBP+KuQ+ZHjEjoCECFVzMJBDGZA= +github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.19.11-k3s1 h1:oBbXi7QxYb71bMfeaoTE+qEBwE59gpk7ZSh6sO7Uvpk= +github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.19.11-k3s1/go.mod h1:6b8BmSxdcCMv3dXmS5BWv5biBmAX9BLmylPttQ0T+iM= +github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.19.11-k3s1/go.mod h1:tl3x2SPSVsIqnioD4z87jXFemilbRh1EYDm3KirMsjI= github.com/karrick/godirwalk v1.7.5 h1:VbzFqwXwNbAZoA6W5odrLr+hKK197CcENcPh6E/gJ0M= github.com/karrick/godirwalk v1.7.5/go.mod h1:2c9FRhkDxdIbgkOnCEvnSWs71Bhugbl46shStcFDJ34= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= diff --git a/hack/build b/hack/build index 3ae0d29ab..dc382604d 100755 --- a/hack/build +++ b/hack/build @@ -109,9 +109,9 @@ ln -s containerd ./bin/crictl ln -s containerd ./bin/ctr echo Building runc -rm -f ./vendor/github.com/opencontainers/runc/runc -make EXTRA_LDFLAGS="-w -s" BUILDTAGS="$RUNC_TAGS" -C ./vendor/github.com/opencontainers/runc $RUNC_STATIC -cp -f ./vendor/github.com/opencontainers/runc/runc ./bin/runc +rm -f ./build/src/github.com/opencontainers/runc/runc +make GOPATH=$(pwd)/build EXTRA_LDFLAGS="-w -s" BUILDTAGS="$RUNC_TAGS" -C ./build/src/github.com/opencontainers/runc $RUNC_STATIC +cp -f ./build/src/github.com/opencontainers/runc/runc ./bin/runc echo Building containerd-shim rm -f ./vendor/github.com/containerd/containerd/bin/containerd-shim diff --git a/hack/download b/hack/download index 8260a178a..d1aca3964 100755 --- a/hack/download +++ b/hack/download @@ -5,14 +5,27 @@ cd $(dirname $0)/.. . ./hack/version.sh +RUNC_VERSION=v1.0.0-rc95 ROOT_VERSION=v0.8.1 TRAEFIK_VERSION=1.81.0 CHARTS_DIR=build/static/charts +RUNC_DIR=build/src/github.com/opencontainers/runc +DATA_DIR=build/data +umask 022 +rm -rf ${CHARTS_DIR} +rm -rf ${RUNC_DIR} mkdir -p ${CHARTS_DIR} +mkdir -p ${DATA_DIR} curl --compressed -sfL https://github.com/k3s-io/k3s-root/releases/download/${ROOT_VERSION}/k3s-root-${ARCH}.tar | tar xf - +git clone --depth=1 https://github.com/opencontainers/runc ${RUNC_DIR} || true +pushd ${RUNC_DIR} +git fetch --all --tags +git checkout ${RUNC_VERSION} -b k8e +popd + TRAEFIK_FILE=traefik-${TRAEFIK_VERSION}.tgz TRAEFIK_URL=https://charts.helm.sh/stable/packages/${TRAEFIK_FILE} diff --git a/pkg/agent/run.go b/pkg/agent/run.go index 48e36b735..c2fd9948e 100644 --- a/pkg/agent/run.go +++ b/pkg/agent/run.go @@ -2,7 +2,6 @@ package agent import ( "context" - "errors" "fmt" "io/ioutil" "net/url" @@ -12,6 +11,7 @@ import ( "time" systemd "github.com/coreos/go-systemd/daemon" + "github.com/pkg/errors" "github.com/sirupsen/logrus" "github.com/xiaods/k8e/pkg/agent/config" "github.com/xiaods/k8e/pkg/agent/containerd" @@ -34,6 +34,9 @@ import ( "k8s.io/client-go/kubernetes" v1 "k8s.io/client-go/kubernetes/typed/core/v1" "k8s.io/client-go/tools/clientcmd" + app2 "k8s.io/kubernetes/cmd/kube-proxy/app" + kubeproxyconfig "k8s.io/kubernetes/pkg/proxy/apis/config" + utilpointer "k8s.io/utils/pointer" ) var ( @@ -74,6 +77,12 @@ func setupCriCtlConfig(cfg cmds.Agent, nodeConfig *daemonconfig.Node) error { func run(ctx context.Context, cfg cmds.Agent, proxy proxy.Proxy) error { nodeConfig := config.Get(ctx, cfg, proxy) + conntrackConfig, err := getConntrackConfig(nodeConfig) + if err != nil { + return errors.Wrap(err, "failed to validate kube-proxy conntrack configuration") + } + syssetup.Configure(conntrackConfig) + if err := setupCriCtlConfig(cfg, nodeConfig); err != nil { return err } @@ -118,6 +127,49 @@ func run(ctx context.Context, cfg cmds.Agent, proxy proxy.Proxy) error { return ctx.Err() } +// getConntrackConfig uses the kube-proxy code to parse the user-provided kube-proxy-arg values, and +// extract the conntrack settings so that K8e can set them itself. This allows us to soft-fail when +// running K8e in Docker, where kube-proxy is no longer allowed to set conntrack sysctls on newer kernels. +// When running rootless, we do not attempt to set conntrack sysctls - this behavior is copied from kubeadm. +func getConntrackConfig(nodeConfig *daemonconfig.Node) (*kubeproxyconfig.KubeProxyConntrackConfiguration, error) { + ctConfig := &kubeproxyconfig.KubeProxyConntrackConfiguration{ + MaxPerCore: utilpointer.Int32Ptr(0), + Min: utilpointer.Int32Ptr(0), + TCPEstablishedTimeout: &metav1.Duration{}, + TCPCloseWaitTimeout: &metav1.Duration{}, + } + + if nodeConfig.AgentConfig.Rootless { + return ctConfig, nil + } + + cmd := app2.NewProxyCommand() + if err := cmd.ParseFlags(daemonconfig.GetArgsList(map[string]string{}, nodeConfig.AgentConfig.ExtraKubeProxyArgs)); err != nil { + return nil, err + } + maxPerCore, err := cmd.Flags().GetInt32("conntrack-max-per-core") + if err != nil { + return nil, err + } + ctConfig.MaxPerCore = &maxPerCore + min, err := cmd.Flags().GetInt32("conntrack-min") + if err != nil { + return nil, err + } + ctConfig.Min = &min + establishedTimeout, err := cmd.Flags().GetDuration("conntrack-tcp-timeout-established") + if err != nil { + return nil, err + } + ctConfig.TCPEstablishedTimeout.Duration = establishedTimeout + closeWaitTimeout, err := cmd.Flags().GetDuration("conntrack-tcp-timeout-close-wait") + if err != nil { + return nil, err + } + ctConfig.TCPCloseWaitTimeout.Duration = closeWaitTimeout + return ctConfig, nil +} + func coreClient(cfg string) (kubernetes.Interface, error) { restConfig, err := clientcmd.BuildConfigFromFlags("", cfg) if err != nil { @@ -131,7 +183,6 @@ func Run(ctx context.Context, cfg cmds.Agent) error { if err := validate(); err != nil { return err } - syssetup.Configure() if cfg.Rootless && !cfg.RootlessAlreadyUnshared { if err := rootless.Rootless(cfg.DataDir); err != nil { diff --git a/pkg/agent/syssetup/setup.go b/pkg/agent/syssetup/setup.go index d19310fdb..f108f6185 100644 --- a/pkg/agent/syssetup/setup.go +++ b/pkg/agent/syssetup/setup.go @@ -3,11 +3,16 @@ package syssetup import ( - "io/ioutil" "os" "os/exec" + "runtime" + "time" + "github.com/google/cadvisor/machine" + "github.com/google/cadvisor/utils/sysfs" "github.com/sirupsen/logrus" + kubeproxyconfig "k8s.io/kubernetes/pkg/proxy/apis/config" + "k8s.io/kubernetes/pkg/util/sysctl" ) func loadKernelModule(moduleName string) { @@ -16,18 +21,14 @@ func loadKernelModule(moduleName string) { return } - if err := exec.Command("modprobe", moduleName).Run(); err != nil { - logrus.Warn("Failed to start " + moduleName + " module") + if err := exec.Command("modprobe", "--", moduleName).Run(); err != nil { + logrus.Warnf("Failed to load kernel module %v with modprobe", moduleName) } } -func enableSystemControl(file string) { - if err := ioutil.WriteFile(file, []byte("1"), 0640); err != nil { - logrus.Warnf("Failed to write value 1 at "+file+": %v", err) - } -} - -func Configure() { +// Configure loads required kernel modules and sets sysctls required for other components to +// function properly. +func Configure(config *kubeproxyconfig.KubeProxyConntrackConfiguration) { loadKernelModule("overlay") loadKernelModule("nf_conntrack") loadKernelModule("br_netfilter") @@ -36,10 +37,63 @@ func Configure() { // Kernel is inconsistent about how devconf is configured for // new network namespaces between ipv4 and ipv6. Make sure to // enable forwarding on all and default for both ipv4 and ipv8. - enableSystemControl("/proc/sys/net/ipv4/conf/all/forwarding") - enableSystemControl("/proc/sys/net/ipv4/conf/default/forwarding") - enableSystemControl("/proc/sys/net/ipv6/conf/all/forwarding") - enableSystemControl("/proc/sys/net/ipv6/conf/default/forwarding") - enableSystemControl("/proc/sys/net/bridge/bridge-nf-call-iptables") - enableSystemControl("/proc/sys/net/bridge/bridge-nf-call-ip6tables") + sysctls := map[string]int{ + "net/ipv4/conf/all/forwarding": 1, + "net/ipv4/conf/default/forwarding": 1, + "net/ipv6/conf/all/forwarding": 1, + "net/ipv6/conf/default/forwarding": 1, + "net/bridge/bridge-nf-call-iptables": 1, + "net/bridge/bridge-nf-call-ip6tables": 1, + } + + if conntrackMax := getConntrackMax(config); conntrackMax > 0 { + sysctls["net/netfilter/nf_conntrack_max"] = conntrackMax + } + if config.TCPEstablishedTimeout.Duration > 0 { + sysctls["net/netfilter/nf_conntrack_tcp_timeout_established"] = int(config.TCPEstablishedTimeout.Duration / time.Second) + } + if config.TCPCloseWaitTimeout.Duration > 0 { + sysctls["net/netfilter/nf_conntrack_tcp_timeout_close_wait"] = int(config.TCPCloseWaitTimeout.Duration / time.Second) + } + + sys := sysctl.New() + for entry, value := range sysctls { + if val, _ := sys.GetSysctl(entry); val != value { + logrus.Infof("Set sysctl '%v' to %v", entry, value) + if err := sys.SetSysctl(entry, value); err != nil { + logrus.Errorf("Failed to set sysctl: %v", err) + } + } + } +} + +// getConntrackMax is cribbed from kube-proxy, as recent kernels no longer allow non-init namespaces +// to set conntrack-related sysctls. +// ref: https://github.com/kubernetes/kubernetes/blob/v1.21.1/cmd/kube-proxy/app/server.go#L780 +// ref: https://github.com/kubernetes-sigs/kind/issues/2240 +func getConntrackMax(config *kubeproxyconfig.KubeProxyConntrackConfiguration) int { + if config.MaxPerCore != nil && *config.MaxPerCore > 0 { + floor := 0 + if config.Min != nil { + floor = int(*config.Min) + } + scaled := int(*config.MaxPerCore) * detectNumCPU() + if scaled > floor { + logrus.Debugf("getConntrackMax: using scaled conntrack-max-per-core") + return scaled + } + logrus.Debugf("getConntrackMax: using conntrack-min") + return floor + } + return 0 +} + +// detectNumCPU is also cribbed from kube-proxy +func detectNumCPU() int { + // try get numCPU from /sys firstly due to a known issue (https://github.com/kubernetes/kubernetes/issues/99225) + _, numCPU, err := machine.GetTopology(sysfs.NewRealSysFs()) + if err != nil || numCPU < 1 { + return runtime.NumCPU() + } + return numCPU } diff --git a/pkg/daemons/agent/agent.go b/pkg/daemons/agent/agent.go index bcc128754..644561276 100644 --- a/pkg/daemons/agent/agent.go +++ b/pkg/daemons/agent/agent.go @@ -39,10 +39,13 @@ func Agent(config *config.Agent) error { func startKubeProxy(cfg *config.Agent) error { argsMap := map[string]string{ - "proxy-mode": "iptables", - "healthz-bind-address": "127.0.0.1", - "kubeconfig": cfg.KubeConfigKubeProxy, - "cluster-cidr": cfg.ClusterCIDR.String(), + "proxy-mode": "iptables", + "healthz-bind-address": "127.0.0.1", + "kubeconfig": cfg.KubeConfigKubeProxy, + "cluster-cidr": cfg.ClusterCIDR.String(), + "conntrack-max-per-core": "0", + "conntrack-tcp-timeout-established": "0s", + "conntrack-tcp-timeout-close-wait": "0s", } if cfg.NodeName != "" { argsMap["hostname-override"] = cfg.NodeName diff --git a/vendor/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go b/vendor/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go index f89ca163c..3e0cdb10d 100644 --- a/vendor/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go +++ b/vendor/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go @@ -166,7 +166,7 @@ func (m *Quantity) Unmarshal(data []byte) error { if err != nil { return err } - if skippy < 0 { + if (skippy < 0) || (iNdEx+skippy) < 0 { return ErrInvalidLengthGenerated } if (iNdEx + skippy) > l { diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/httpstream.go b/vendor/k8s.io/apimachinery/pkg/util/httpstream/httpstream.go index 00ce5f785..32f075782 100644 --- a/vendor/k8s.io/apimachinery/pkg/util/httpstream/httpstream.go +++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/httpstream.go @@ -78,6 +78,8 @@ type Connection interface { // SetIdleTimeout sets the amount of time the connection may remain idle before // it is automatically closed. SetIdleTimeout(timeout time.Duration) + // RemoveStreams can be used to remove a set of streams from the Connection. + RemoveStreams(streams ...Stream) } // Stream represents a bidirectional communications channel that is part of an diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/connection.go b/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/connection.go index 7a6881250..6cd22b9b6 100644 --- a/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/connection.go +++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/connection.go @@ -31,7 +31,7 @@ import ( // streams. type connection struct { conn *spdystream.Connection - streams []httpstream.Stream + streams map[uint32]httpstream.Stream streamLock sync.Mutex newStreamHandler httpstream.NewStreamHandler } @@ -64,7 +64,11 @@ func NewServerConnection(conn net.Conn, newStreamHandler httpstream.NewStreamHan // will be invoked when the server receives a newly created stream from the // client. func newConnection(conn *spdystream.Connection, newStreamHandler httpstream.NewStreamHandler) httpstream.Connection { - c := &connection{conn: conn, newStreamHandler: newStreamHandler} + c := &connection{ + conn: conn, + newStreamHandler: newStreamHandler, + streams: make(map[uint32]httpstream.Stream), + } go conn.Serve(c.newSpdyStream) return c } @@ -81,7 +85,7 @@ func (c *connection) Close() error { // calling Reset instead of Close ensures that all streams are fully torn down s.Reset() } - c.streams = make([]httpstream.Stream, 0) + c.streams = make(map[uint32]httpstream.Stream, 0) c.streamLock.Unlock() // now that all streams are fully torn down, it's safe to call close on the underlying connection, @@ -90,6 +94,15 @@ func (c *connection) Close() error { return c.conn.Close() } +// RemoveStreams can be used to removes a set of streams from the Connection. +func (c *connection) RemoveStreams(streams ...httpstream.Stream) { + c.streamLock.Lock() + for _, stream := range streams { + delete(c.streams, stream.Identifier()) + } + c.streamLock.Unlock() +} + // CreateStream creates a new stream with the specified headers and registers // it with the connection. func (c *connection) CreateStream(headers http.Header) (httpstream.Stream, error) { @@ -109,7 +122,7 @@ func (c *connection) CreateStream(headers http.Header) (httpstream.Stream, error // it owns. func (c *connection) registerStream(s httpstream.Stream) { c.streamLock.Lock() - c.streams = append(c.streams, s) + c.streams[s.Identifier()] = s c.streamLock.Unlock() } diff --git a/vendor/k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap/default.go b/vendor/k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap/default.go index 147128709..e7d73540c 100644 --- a/vendor/k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap/default.go +++ b/vendor/k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap/default.go @@ -64,6 +64,7 @@ var ( } SuggestedFlowSchemas = []*flowcontrol.FlowSchema{ SuggestedFlowSchemaSystemNodes, // references "system" priority-level + SuggestedFlowSchemaProbes, // references "exempt" priority-level SuggestedFlowSchemaSystemLeaderElection, // references "leader-election" priority-level SuggestedFlowSchemaWorkloadLeaderElection, // references "leader-election" priority-level SuggestedFlowSchemaKubeControllerManager, // references "workload-high" priority-level @@ -394,6 +395,19 @@ var ( }, }, ) + // the following flow schema exempts probes + SuggestedFlowSchemaProbes = newFlowSchema( + "probes", "exempt", 2, + "", // distinguisherMethodType + flowcontrol.PolicyRulesWithSubjects{ + Subjects: groups(user.AllUnauthenticated, user.AllAuthenticated), + NonResourceRules: []flowcontrol.NonResourcePolicyRule{ + nonResourceRule( + []string{"get"}, + []string{"/healthz", "/readyz", "/livez"}), + }, + }, + ) ) func newPriorityLevelConfiguration(name string, spec flowcontrol.PriorityLevelConfigurationSpec) *flowcontrol.PriorityLevelConfiguration { diff --git a/vendor/k8s.io/client-go/pkg/version/base.go b/vendor/k8s.io/client-go/pkg/version/base.go index 75c03bbec..2a6002cb7 100644 --- a/vendor/k8s.io/client-go/pkg/version/base.go +++ b/vendor/k8s.io/client-go/pkg/version/base.go @@ -3,8 +3,8 @@ package version var ( gitMajor = "1" gitMinor = "19" - gitVersion = "v1.19.10-k3s1" - gitCommit = "bea386a02dc87090aa113557a249cf69c52281fa" + gitVersion = "v1.19.11-k3s1" + gitCommit = "4230b2ac644cf72064bf7cacdf2ffa13292b3c1f" gitTreeState = "clean" - buildDate = "2021-04-15T18:19:54Z" + buildDate = "2021-05-14T11:17:50Z" ) diff --git a/vendor/k8s.io/component-base/logs/json/json.go b/vendor/k8s.io/component-base/logs/json/json.go index f9bb55656..fd2324697 100644 --- a/vendor/k8s.io/component-base/logs/json/json.go +++ b/vendor/k8s.io/component-base/logs/json/json.go @@ -148,8 +148,9 @@ func (l *zapLogger) WithName(name string) logr.Logger { var encoderConfig = zapcore.EncoderConfig{ MessageKey: "msg", - TimeKey: "ts", - EncodeTime: zapcore.EpochMillisTimeEncoder, + TimeKey: "ts", + EncodeTime: zapcore.EpochMillisTimeEncoder, + EncodeDuration: zapcore.StringDurationEncoder, } // NewJSONLogger creates a new json logr.Logger using the given Zap Logger to log. diff --git a/vendor/k8s.io/component-base/version/base.go b/vendor/k8s.io/component-base/version/base.go index 75c03bbec..2a6002cb7 100644 --- a/vendor/k8s.io/component-base/version/base.go +++ b/vendor/k8s.io/component-base/version/base.go @@ -3,8 +3,8 @@ package version var ( gitMajor = "1" gitMinor = "19" - gitVersion = "v1.19.10-k3s1" - gitCommit = "bea386a02dc87090aa113557a249cf69c52281fa" + gitVersion = "v1.19.11-k3s1" + gitCommit = "4230b2ac644cf72064bf7cacdf2ffa13292b3c1f" gitTreeState = "clean" - buildDate = "2021-04-15T18:19:54Z" + buildDate = "2021-05-14T11:17:50Z" ) diff --git a/vendor/k8s.io/csi-translation-lib/plugins/aws_ebs.go b/vendor/k8s.io/csi-translation-lib/plugins/aws_ebs.go index 21a5b96a4..b144022cd 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/aws_ebs.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/aws_ebs.go @@ -85,7 +85,7 @@ func (t *awsElasticBlockStoreCSITranslator) TranslateInTreeStorageClassToCSI(sc // TranslateInTreeInlineVolumeToCSI takes a Volume with AWSElasticBlockStore set from in-tree // and converts the AWSElasticBlockStore source to a CSIPersistentVolumeSource -func (t *awsElasticBlockStoreCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (t *awsElasticBlockStoreCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil || volume.AWSElasticBlockStore == nil { return nil, fmt.Errorf("volume is nil or AWS EBS not defined on volume") } diff --git a/vendor/k8s.io/csi-translation-lib/plugins/azure_disk.go b/vendor/k8s.io/csi-translation-lib/plugins/azure_disk.go index 8184881de..d47df35e5 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/azure_disk.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/azure_disk.go @@ -93,7 +93,7 @@ func (t *azureDiskCSITranslator) TranslateInTreeStorageClassToCSI(sc *storage.St // TranslateInTreeInlineVolumeToCSI takes a Volume with AzureDisk set from in-tree // and converts the AzureDisk source to a CSIPersistentVolumeSource -func (t *azureDiskCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (t *azureDiskCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil || volume.AzureDisk == nil { return nil, fmt.Errorf("volume is nil or Azure Disk not defined on volume") } diff --git a/vendor/k8s.io/csi-translation-lib/plugins/azure_file.go b/vendor/k8s.io/csi-translation-lib/plugins/azure_file.go index 6ce3be461..df8251325 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/azure_file.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/azure_file.go @@ -65,7 +65,7 @@ func (t *azureFileCSITranslator) TranslateInTreeStorageClassToCSI(sc *storage.St // TranslateInTreeInlineVolumeToCSI takes a Volume with AzureFile set from in-tree // and converts the AzureFile source to a CSIPersistentVolumeSource -func (t *azureFileCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (t *azureFileCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil || volume.AzureFile == nil { return nil, fmt.Errorf("volume is nil or Azure File not defined on volume") } @@ -77,6 +77,11 @@ func (t *azureFileCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Vol accountName = azureSource.SecretName } + secretNamespace := defaultSecretNamespace + if podNamespace != "" { + secretNamespace = podNamespace + } + var ( pv = &v1.PersistentVolume{ ObjectMeta: metav1.ObjectMeta{ @@ -93,7 +98,7 @@ func (t *azureFileCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Vol VolumeAttributes: map[string]string{shareNameField: azureSource.ShareName}, NodeStageSecretRef: &v1.SecretReference{ Name: azureSource.SecretName, - Namespace: defaultSecretNamespace, + Namespace: secretNamespace, }, }, }, diff --git a/vendor/k8s.io/csi-translation-lib/plugins/gce_pd.go b/vendor/k8s.io/csi-translation-lib/plugins/gce_pd.go index 38b1efc15..38c35cbbc 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/gce_pd.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/gce_pd.go @@ -163,7 +163,7 @@ func backwardCompatibleAccessModes(ams []v1.PersistentVolumeAccessMode) []v1.Per // TranslateInTreeInlineVolumeToCSI takes a Volume with GCEPersistentDisk set from in-tree // and converts the GCEPersistentDisk source to a CSIPersistentVolumeSource -func (g *gcePersistentDiskCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (g *gcePersistentDiskCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil || volume.GCEPersistentDisk == nil { return nil, fmt.Errorf("volume is nil or GCE PD not defined on volume") } diff --git a/vendor/k8s.io/csi-translation-lib/plugins/in_tree_volume.go b/vendor/k8s.io/csi-translation-lib/plugins/in_tree_volume.go index be659416d..bc7770ed4 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/in_tree_volume.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/in_tree_volume.go @@ -37,7 +37,8 @@ type InTreePlugin interface { // TranslateInTreeInlineVolumeToCSI takes a inline volume and will translate // the in-tree inline volume source to a CSIPersistentVolumeSource // A PV object containing the CSIPersistentVolumeSource in it's spec is returned - TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) + // podNamespace is only needed for azurefile to fetch secret namespace, no need to be set for other plugins. + TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) // TranslateInTreePVToCSI takes a persistent volume and will translate // the in-tree pv source to a CSI Source. The input persistent volume can be modified diff --git a/vendor/k8s.io/csi-translation-lib/plugins/openstack_cinder.go b/vendor/k8s.io/csi-translation-lib/plugins/openstack_cinder.go index 3fb3862e5..0b02a0aa5 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/openstack_cinder.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/openstack_cinder.go @@ -75,7 +75,7 @@ func (t *osCinderCSITranslator) TranslateInTreeStorageClassToCSI(sc *storage.Sto // TranslateInTreeInlineVolumeToCSI takes a Volume with Cinder set from in-tree // and converts the Cinder source to a CSIPersistentVolumeSource -func (t *osCinderCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (t *osCinderCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil || volume.Cinder == nil { return nil, fmt.Errorf("volume is nil or Cinder not defined on volume") } diff --git a/vendor/k8s.io/csi-translation-lib/plugins/vsphere_volume.go b/vendor/k8s.io/csi-translation-lib/plugins/vsphere_volume.go index 531aff0d9..83058b374 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/vsphere_volume.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/vsphere_volume.go @@ -111,7 +111,7 @@ func (t *vSphereCSITranslator) TranslateInTreeStorageClassToCSI(sc *storage.Stor // TranslateInTreeInlineVolumeToCSI takes a Volume with VsphereVolume set from in-tree // and converts the VsphereVolume source to a CSIPersistentVolumeSource -func (t *vSphereCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (t *vSphereCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil || volume.VsphereVolume == nil { return nil, fmt.Errorf("volume is nil or VsphereVolume not defined on volume") } diff --git a/vendor/k8s.io/csi-translation-lib/translate.go b/vendor/k8s.io/csi-translation-lib/translate.go index 21f5c49d5..c1ffbe974 100644 --- a/vendor/k8s.io/csi-translation-lib/translate.go +++ b/vendor/k8s.io/csi-translation-lib/translate.go @@ -62,13 +62,13 @@ func (CSITranslator) TranslateInTreeStorageClassToCSI(inTreePluginName string, s // TranslateInTreeInlineVolumeToCSI takes a inline volume and will translate // the in-tree volume source to a CSIPersistentVolumeSource (wrapped in a PV) // if the translation logic has been implemented. -func (CSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (CSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil { return nil, fmt.Errorf("persistent volume was nil") } for _, curPlugin := range inTreePlugins { if curPlugin.CanSupportInline(volume) { - pv, err := curPlugin.TranslateInTreeInlineVolumeToCSI(volume) + pv, err := curPlugin.TranslateInTreeInlineVolumeToCSI(volume, podNamespace) if err != nil { return nil, err } diff --git a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_others.go b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_others.go index 2ccf368a9..c229eb7fa 100644 --- a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_others.go +++ b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_others.go @@ -360,6 +360,12 @@ func newProxyServer( } } + useEndpointSlices := utilfeature.DefaultFeatureGate.Enabled(features.EndpointSliceProxying) + if proxyMode == proxyModeUserspace { + // userspace mode doesn't support endpointslice. + useEndpointSlices = false + } + var connTracker Conntracker if !libcontainersystem.RunningInUserNS() { // if we are in userns, sysctl does not work and connTracker should be kept nil @@ -386,7 +392,7 @@ func newProxyServer( OOMScoreAdj: config.OOMScoreAdj, ConfigSyncPeriod: config.ConfigSyncPeriod.Duration, HealthzServer: healthzServer, - UseEndpointSlices: utilfeature.DefaultFeatureGate.Enabled(features.EndpointSliceProxying), + UseEndpointSlices: useEndpointSlices, }, nil } diff --git a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_windows.go b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_windows.go index 759f04b08..661e5c1ef 100644 --- a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_windows.go +++ b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_windows.go @@ -159,7 +159,11 @@ func newProxyServer(config *proxyconfigapi.KubeProxyConfiguration, cleanupAndExi return nil, fmt.Errorf("unable to create proxier: %v", err) } } - + useEndpointSlices := utilfeature.DefaultFeatureGate.Enabled(features.WindowsEndpointSliceProxying) + if proxyMode == proxyModeUserspace { + // userspace mode doesn't support endpointslice. + useEndpointSlices = false + } return &ProxyServer{ Client: client, EventClient: eventClient, @@ -174,7 +178,7 @@ func newProxyServer(config *proxyconfigapi.KubeProxyConfiguration, cleanupAndExi OOMScoreAdj: config.OOMScoreAdj, ConfigSyncPeriod: config.ConfigSyncPeriod.Duration, HealthzServer: healthzServer, - UseEndpointSlices: utilfeature.DefaultFeatureGate.Enabled(features.WindowsEndpointSliceProxying), + UseEndpointSlices: useEndpointSlices, }, nil } diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go index 2e6a1b317..6d6c75b61 100644 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go +++ b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go @@ -4219,7 +4219,7 @@ func ValidateService(service *core.Service, allowAppProtocol bool) field.ErrorLi allErrs = append(allErrs, field.Invalid(idxPath, ip, msgs[i])) } } else { - allErrs = append(allErrs, validateNonSpecialIP(ip, idxPath)...) + allErrs = append(allErrs, ValidateNonSpecialIP(ip, idxPath)...) } } @@ -5687,15 +5687,19 @@ func validateEndpointAddress(address *core.EndpointAddress, fldPath *field.Path) allErrs = append(allErrs, field.Invalid(fldPath.Child("nodeName"), *address.NodeName, msg)) } } - allErrs = append(allErrs, validateNonSpecialIP(address.IP, fldPath.Child("ip"))...) + allErrs = append(allErrs, ValidateNonSpecialIP(address.IP, fldPath.Child("ip"))...) return allErrs } -func validateNonSpecialIP(ipAddress string, fldPath *field.Path) field.ErrorList { - // We disallow some IPs as endpoints or external-ips. Specifically, - // unspecified and loopback addresses are nonsensical and link-local - // addresses tend to be used for node-centric purposes (e.g. metadata - // service). +// ValidateNonSpecialIP is used to validate Endpoints, EndpointSlices, and +// external IPs. Specifically, this disallows unspecified and loopback addresses +// are nonsensical and link-local addresses tend to be used for node-centric +// purposes (e.g. metadata service). +// +// IPv6 references +// - https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml +// - https://www.iana.org/assignments/ipv6-multicast-addresses/ipv6-multicast-addresses.xhtml +func ValidateNonSpecialIP(ipAddress string, fldPath *field.Path) field.ErrorList { allErrs := field.ErrorList{} ip := net.ParseIP(ipAddress) if ip == nil { diff --git a/vendor/k8s.io/kubernetes/pkg/apis/discovery/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/apis/discovery/validation/validation.go index 22b28447c..c0294e91c 100644 --- a/vendor/k8s.io/kubernetes/pkg/apis/discovery/validation/validation.go +++ b/vendor/k8s.io/kubernetes/pkg/apis/discovery/validation/validation.go @@ -103,8 +103,10 @@ func validateEndpoints(endpoints []discovery.Endpoint, addrType discovery.Addres } case discovery.AddressTypeIPv4: allErrs = append(allErrs, validation.IsValidIPv4Address(addressPath.Index(i), address)...) + allErrs = append(allErrs, apivalidation.ValidateNonSpecialIP(address, addressPath.Index(i))...) case discovery.AddressTypeIPv6: allErrs = append(allErrs, validation.IsValidIPv6Address(addressPath.Index(i), address)...) + allErrs = append(allErrs, apivalidation.ValidateNonSpecialIP(address, addressPath.Index(i))...) case discovery.AddressTypeFQDN: allErrs = append(allErrs, validation.IsFullyQualifiedDomainName(addressPath.Index(i), address)...) } diff --git a/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/endpointslice_tracker.go b/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/endpointslice_tracker.go index 16cd4bcca..b5bfcc9d7 100644 --- a/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/endpointslice_tracker.go +++ b/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/endpointslice_tracker.go @@ -80,9 +80,12 @@ func (est *endpointSliceTracker) ShouldSync(endpointSlice *discovery.EndpointSli return !ok || endpointSlice.Generation > g } -// StaleSlices returns true if one or more of the provided EndpointSlices -// have older generations than the corresponding tracked ones or if the tracker -// is expecting one or more of the provided EndpointSlices to be deleted. +// StaleSlices returns true if any of the following are true: +// 1. One or more of the provided EndpointSlices have older generations than the +// corresponding tracked ones. +// 2. The tracker is expecting one or more of the provided EndpointSlices to be +// deleted. +// 3. The tracker is tracking EndpointSlices that have not been provided. func (est *endpointSliceTracker) StaleSlices(service *v1.Service, endpointSlices []*discovery.EndpointSlice) bool { est.lock.Lock() defer est.lock.Unlock() @@ -92,12 +95,23 @@ func (est *endpointSliceTracker) StaleSlices(service *v1.Service, endpointSlices if !ok { return false } + providedSlices := map[types.UID]int64{} for _, endpointSlice := range endpointSlices { + providedSlices[endpointSlice.UID] = endpointSlice.Generation g, ok := gfs[endpointSlice.UID] if ok && (g == deletionExpected || g > endpointSlice.Generation) { return true } } + for uid, generation := range gfs { + if generation == deletionExpected { + continue + } + _, ok := providedSlices[uid] + if !ok { + return true + } + } return false } diff --git a/vendor/k8s.io/kubernetes/pkg/controller/endpointslicemirroring/endpointslice_tracker.go b/vendor/k8s.io/kubernetes/pkg/controller/endpointslicemirroring/endpointslice_tracker.go index c7612590e..85ec119d4 100644 --- a/vendor/k8s.io/kubernetes/pkg/controller/endpointslicemirroring/endpointslice_tracker.go +++ b/vendor/k8s.io/kubernetes/pkg/controller/endpointslicemirroring/endpointslice_tracker.go @@ -80,9 +80,12 @@ func (est *endpointSliceTracker) ShouldSync(endpointSlice *discovery.EndpointSli return !ok || endpointSlice.Generation > g } -// StaleSlices returns true if one or more of the provided EndpointSlices -// have older generations than the corresponding tracked ones or if the tracker -// is expecting one or more of the provided EndpointSlices to be deleted. +// StaleSlices returns true if any of the following are true: +// 1. One or more of the provided EndpointSlices have older generations than the +// corresponding tracked ones. +// 2. The tracker is expecting one or more of the provided EndpointSlices to be +// deleted. +// 3. The tracker is tracking EndpointSlices that have not been provided. func (est *endpointSliceTracker) StaleSlices(service *v1.Service, endpointSlices []*discovery.EndpointSlice) bool { est.lock.Lock() defer est.lock.Unlock() @@ -92,12 +95,23 @@ func (est *endpointSliceTracker) StaleSlices(service *v1.Service, endpointSlices if !ok { return false } + providedSlices := map[types.UID]int64{} for _, endpointSlice := range endpointSlices { + providedSlices[endpointSlice.UID] = endpointSlice.Generation g, ok := gfs[endpointSlice.UID] if ok && (g == deletionExpected || g > endpointSlice.Generation) { return true } } + for uid, generation := range gfs { + if generation == deletionExpected { + continue + } + _, ok := providedSlices[uid] + if !ok { + return true + } + } return false } diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/util.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/util.go index 389fbec77..d434cec01 100644 --- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/util.go +++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/util.go @@ -21,7 +21,7 @@ import ( "fmt" "strings" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/sets" utilfeature "k8s.io/apiserver/pkg/util/feature" @@ -85,7 +85,7 @@ func CreateVolumeSpec(podVolume v1.Volume, pod *v1.Pod, nodeName types.NodeName, err) } - volumeSpec, err = translateInTreeSpecToCSIIfNeeded(volumeSpec, nodeName, vpm, csiMigratedPluginManager, csiTranslator) + volumeSpec, err = translateInTreeSpecToCSIIfNeeded(volumeSpec, nodeName, vpm, csiMigratedPluginManager, csiTranslator, pod.Namespace) if err != nil { return nil, fmt.Errorf( "error performing CSI migration checks and translation for PVC %q/%q: %v", @@ -110,7 +110,7 @@ func CreateVolumeSpec(podVolume v1.Volume, pod *v1.Pod, nodeName types.NodeName, clonedPodVolume := podVolume.DeepCopy() origspec := volume.NewSpecFromVolume(clonedPodVolume) - spec, err := translateInTreeSpecToCSIIfNeeded(origspec, nodeName, vpm, csiMigratedPluginManager, csiTranslator) + spec, err := translateInTreeSpecToCSIIfNeeded(origspec, nodeName, vpm, csiMigratedPluginManager, csiTranslator, pod.Namespace) if err != nil { return nil, fmt.Errorf( "error performing CSI migration checks and translation for inline volume %q: %v", @@ -286,7 +286,7 @@ func ProcessPodVolumes(pod *v1.Pod, addVolumes bool, desiredStateOfWorld cache.D return } -func translateInTreeSpecToCSIIfNeeded(spec *volume.Spec, nodeName types.NodeName, vpm *volume.VolumePluginMgr, csiMigratedPluginManager csimigration.PluginManager, csiTranslator csimigration.InTreeToCSITranslator) (*volume.Spec, error) { +func translateInTreeSpecToCSIIfNeeded(spec *volume.Spec, nodeName types.NodeName, vpm *volume.VolumePluginMgr, csiMigratedPluginManager csimigration.PluginManager, csiTranslator csimigration.InTreeToCSITranslator, podNamespace string) (*volume.Spec, error) { translatedSpec := spec migratable, err := csiMigratedPluginManager.IsMigratable(spec) if err != nil { @@ -301,7 +301,7 @@ func translateInTreeSpecToCSIIfNeeded(spec *volume.Spec, nodeName types.NodeName return nil, err } if migratable && migrationSupportedOnNode { - translatedSpec, err = csimigration.TranslateInTreeSpecToCSI(spec, csiTranslator) + translatedSpec, err = csimigration.TranslateInTreeSpecToCSI(spec, podNamespace, csiTranslator) if err != nil { return nil, err } diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/config/apiserver.go b/vendor/k8s.io/kubernetes/pkg/kubelet/config/apiserver.go index 2f29ddd57..ea71490ff 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/config/apiserver.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/config/apiserver.go @@ -17,21 +17,42 @@ limitations under the License. package config import ( - "k8s.io/api/core/v1" + "time" + + v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/fields" "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/wait" clientset "k8s.io/client-go/kubernetes" "k8s.io/client-go/tools/cache" + "k8s.io/klog/v2" api "k8s.io/kubernetes/pkg/apis/core" kubetypes "k8s.io/kubernetes/pkg/kubelet/types" ) +// WaitForAPIServerSyncPeriod is the period between checks for the node list/watch initial sync +const WaitForAPIServerSyncPeriod = 1 * time.Second + // NewSourceApiserver creates a config source that watches and pulls from the apiserver. -func NewSourceApiserver(c clientset.Interface, nodeName types.NodeName, updates chan<- interface{}) { +func NewSourceApiserver(c clientset.Interface, nodeName types.NodeName, nodeHasSynced func() bool, updates chan<- interface{}) { lw := cache.NewListWatchFromClient(c.CoreV1().RESTClient(), "pods", metav1.NamespaceAll, fields.OneTermEqualSelector(api.PodHostField, string(nodeName))) - newSourceApiserverFromLW(lw, updates) + + // The Reflector responsible for watching pods at the apiserver should be run only after + // the node sync with the apiserver has completed. + klog.Info("Waiting for node sync before watching apiserver pods") + go func() { + for { + if nodeHasSynced() { + klog.V(4).Info("node sync completed") + break + } + time.Sleep(WaitForAPIServerSyncPeriod) + klog.V(4).Info("node sync has not completed yet") + } + klog.Info("Watching apiserver") + newSourceApiserverFromLW(lw, updates) + }() } // newSourceApiserverFromLW holds creates a config source that watches and pulls from the apiserver. diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cri/streaming/portforward/httpstream.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cri/streaming/portforward/httpstream.go index 419113054..ab58cf9ea 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/cri/streaming/portforward/httpstream.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cri/streaming/portforward/httpstream.go @@ -163,6 +163,10 @@ func (h *httpStreamHandler) removeStreamPair(requestID string) { h.streamPairsLock.Lock() defer h.streamPairsLock.Unlock() + if h.conn != nil { + pair := h.streamPairs[requestID] + h.conn.RemoveStreams(pair.dataStream, pair.errorStream) + } delete(h.streamPairs, requestID) } diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet.go index 1da403359..de6031edd 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet.go @@ -125,9 +125,6 @@ const ( // Max amount of time to wait for the container runtime to come up. maxWaitForContainerRuntime = 30 * time.Second - // Max amount of time to wait for node list/watch to initially sync - maxWaitForAPIServerSync = 10 * time.Second - // nodeStatusUpdateRetry specifies how many times kubelet retries when posting node status failed. nodeStatusUpdateRetry = 5 @@ -246,7 +243,7 @@ type DockerOptions struct { // makePodSourceConfig creates a config.PodConfig from the given // KubeletConfiguration or returns an error. -func makePodSourceConfig(kubeCfg *kubeletconfiginternal.KubeletConfiguration, kubeDeps *Dependencies, nodeName types.NodeName) (*config.PodConfig, error) { +func makePodSourceConfig(kubeCfg *kubeletconfiginternal.KubeletConfiguration, kubeDeps *Dependencies, nodeName types.NodeName, nodeHasSynced func() bool) (*config.PodConfig, error) { manifestURLHeader := make(http.Header) if len(kubeCfg.StaticPodURLHeader) > 0 { for k, v := range kubeCfg.StaticPodURLHeader { @@ -273,11 +270,11 @@ func makePodSourceConfig(kubeCfg *kubeletconfiginternal.KubeletConfiguration, ku var updatechannel chan<- interface{} if kubeDeps.KubeClient != nil { - klog.Infof("Watching apiserver") + klog.Info("Adding apiserver pod source") if updatechannel == nil { updatechannel = cfg.Channel(kubetypes.ApiserverSource) } - config.NewSourceApiserver(kubeDeps.KubeClient, nodeName, updatechannel) + config.NewSourceApiserver(kubeDeps.KubeClient, nodeName, nodeHasSynced, updatechannel) } return cfg, nil } @@ -380,9 +377,32 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration, } } + var nodeHasSynced cache.InformerSynced + var nodeLister corelisters.NodeLister + + // If kubeClient == nil, we are running in standalone mode (i.e. no API servers) + // If not nil, we are running as part of a cluster and should sync w/API + if kubeDeps.KubeClient != nil { + kubeInformers := informers.NewSharedInformerFactoryWithOptions(kubeDeps.KubeClient, 0, informers.WithTweakListOptions(func(options *metav1.ListOptions) { + options.FieldSelector = fields.Set{api.ObjectNameField: string(nodeName)}.String() + })) + nodeLister = kubeInformers.Core().V1().Nodes().Lister() + nodeHasSynced = func() bool { + return kubeInformers.Core().V1().Nodes().Informer().HasSynced() + } + kubeInformers.Start(wait.NeverStop) + klog.Info("Attempting to sync node with API server") + } else { + // we don't have a client to sync! + nodeIndexer := cache.NewIndexer(cache.MetaNamespaceKeyFunc, cache.Indexers{}) + nodeLister = corelisters.NewNodeLister(nodeIndexer) + nodeHasSynced = func() bool { return true } + klog.Info("Kubelet is running in standalone mode, will skip API server sync") + } + if kubeDeps.PodConfig == nil { var err error - kubeDeps.PodConfig, err = makePodSourceConfig(kubeCfg, kubeDeps, nodeName) + kubeDeps.PodConfig, err = makePodSourceConfig(kubeCfg, kubeDeps, nodeName, nodeHasSynced) if err != nil { return nil, err } @@ -434,31 +454,6 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration, serviceHasSynced = func() bool { return true } } - var nodeHasSynced cache.InformerSynced - var nodeLister corelisters.NodeLister - - if kubeDeps.KubeClient != nil { - kubeInformers := informers.NewSharedInformerFactoryWithOptions(kubeDeps.KubeClient, 0, informers.WithTweakListOptions(func(options *metav1.ListOptions) { - options.FieldSelector = fields.Set{api.ObjectNameField: string(nodeName)}.String() - })) - nodeLister = kubeInformers.Core().V1().Nodes().Lister() - nodeHasSynced = func() bool { - if kubeInformers.Core().V1().Nodes().Informer().HasSynced() { - return true - } - klog.Infof("kubelet nodes not sync") - return false - } - kubeInformers.Start(wait.NeverStop) - klog.Info("Kubelet client is not nil") - } else { - // we dont have a client to sync! - nodeIndexer := cache.NewIndexer(cache.MetaNamespaceKeyFunc, cache.Indexers{}) - nodeLister = corelisters.NewNodeLister(nodeIndexer) - nodeHasSynced = func() bool { return true } - klog.Info("Kubelet client is nil") - } - // TODO: get the real node object of ourself, // and use the real node name and UID. // TODO: what is namespace for node? diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go index a470dcc4b..b7df2b0ae 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go @@ -22,7 +22,6 @@ import ( "io/ioutil" "net" "path/filepath" - "time" cadvisorapiv1 "github.com/google/cadvisor/info/v1" cadvisorv2 "github.com/google/cadvisor/info/v2" @@ -33,7 +32,6 @@ import ( v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" - "k8s.io/apimachinery/pkg/util/wait" "k8s.io/kubernetes/pkg/kubelet/cm" "k8s.io/kubernetes/pkg/kubelet/config" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" @@ -237,15 +235,6 @@ func (kl *Kubelet) GetNode() (*v1.Node, error) { if kl.kubeClient == nil { return kl.initialNode(context.TODO()) } - // if we have a valid kube client, we wait for initial lister to sync - if !kl.nodeHasSynced() { - err := wait.PollImmediate(time.Second, maxWaitForAPIServerSync, func() (bool, error) { - return kl.nodeHasSynced(), nil - }) - if err != nil { - return nil, fmt.Errorf("nodes have not yet been read at least once, cannot construct node object") - } - } return kl.nodeLister.Get(string(kl.nodeName)) } @@ -256,7 +245,7 @@ func (kl *Kubelet) GetNode() (*v1.Node, error) { // zero capacity, and the default labels. func (kl *Kubelet) getNodeAnyWay() (*v1.Node, error) { if kl.kubeClient != nil { - if n, err := kl.GetNode(); err == nil { + if n, err := kl.nodeLister.Get(string(kl.nodeName)); err == nil { return n, nil } } diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/prober/worker.go b/vendor/k8s.io/kubernetes/pkg/kubelet/prober/worker.go index cac63117b..d64cdc807 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/prober/worker.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/prober/worker.go @@ -243,8 +243,9 @@ func (w *worker) doProbe() (keepGoing bool) { if c.Started != nil && *c.Started { // Stop probing for startup once container has started. + // we keep it running to make sure it will work for restarted container. if w.probeType == startup { - return false + return true } } else { // Disable other probes until container has started. diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go index 9df3ea9cc..5f43a2b6e 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go @@ -563,7 +563,7 @@ func (dswp *desiredStateOfWorldPopulator) createVolumeSpec( return nil, nil, "", err } if migratable { - volumeSpec, err = csimigration.TranslateInTreeSpecToCSI(volumeSpec, dswp.intreeToCSITranslator) + volumeSpec, err = csimigration.TranslateInTreeSpecToCSI(volumeSpec, pod.Namespace, dswp.intreeToCSITranslator) if err != nil { return nil, nil, "", err } @@ -605,7 +605,7 @@ func (dswp *desiredStateOfWorldPopulator) createVolumeSpec( return nil, nil, "", err } if migratable { - spec, err = csimigration.TranslateInTreeSpecToCSI(spec, dswp.intreeToCSITranslator) + spec, err = csimigration.TranslateInTreeSpecToCSI(spec, pod.Namespace, dswp.intreeToCSITranslator) if err != nil { return nil, nil, "", err } diff --git a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_provision.go b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_provision.go index d547fc6e9..9c4d290d7 100644 --- a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_provision.go +++ b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_provision.go @@ -198,9 +198,10 @@ func (a *azureFileProvisioner) Provision(selectedNode *v1.Node, allowedTopologie } if shareName == "" { - // File share name has a length limit of 63, and it cannot contain two consecutive '-'s. + // File share name has a length limit of 63, it cannot contain two consecutive '-'s, and all letters must be lower case. name := util.GenerateVolumeName(a.options.ClusterName, a.options.PVName, 63) shareName = strings.Replace(name, "--", "-", -1) + shareName = strings.ToLower(shareName) } if resourceGroup == "" { diff --git a/vendor/k8s.io/kubernetes/pkg/volume/csimigration/plugin_manager.go b/vendor/k8s.io/kubernetes/pkg/volume/csimigration/plugin_manager.go index 1d635166a..686eadb51 100644 --- a/vendor/k8s.io/kubernetes/pkg/volume/csimigration/plugin_manager.go +++ b/vendor/k8s.io/kubernetes/pkg/volume/csimigration/plugin_manager.go @@ -120,19 +120,19 @@ func (pm PluginManager) IsMigratable(spec *volume.Spec) (bool, error) { // from references to in-tree plugins to migrated CSI plugins type InTreeToCSITranslator interface { TranslateInTreePVToCSI(pv *v1.PersistentVolume) (*v1.PersistentVolume, error) - TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) + TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) } // TranslateInTreeSpecToCSI translates a volume spec (either PV or inline volume) // supported by an in-tree plugin to CSI -func TranslateInTreeSpecToCSI(spec *volume.Spec, translator InTreeToCSITranslator) (*volume.Spec, error) { +func TranslateInTreeSpecToCSI(spec *volume.Spec, podNamespace string, translator InTreeToCSITranslator) (*volume.Spec, error) { var csiPV *v1.PersistentVolume var err error inlineVolume := false if spec.PersistentVolume != nil { csiPV, err = translator.TranslateInTreePVToCSI(spec.PersistentVolume) } else if spec.Volume != nil { - csiPV, err = translator.TranslateInTreeInlineVolumeToCSI(spec.Volume) + csiPV, err = translator.TranslateInTreeInlineVolumeToCSI(spec.Volume, podNamespace) inlineVolume = true } else { err = errors.New("not a valid volume spec") diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go index 52052e074..04eb08d4b 100644 --- a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go +++ b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go @@ -59,7 +59,7 @@ type InTreeToCSITranslator interface { GetInTreePluginNameFromSpec(pv *v1.PersistentVolume, vol *v1.Volume) (string, error) GetCSINameFromInTreeName(pluginName string) (string, error) TranslateInTreePVToCSI(pv *v1.PersistentVolume) (*v1.PersistentVolume, error) - TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) + TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) } var _ OperationGenerator = &operationGenerator{} diff --git a/vendor/k8s.io/legacy-cloud-providers/azure/azure_backoff.go b/vendor/k8s.io/legacy-cloud-providers/azure/azure_backoff.go index 221b64407..9e8254f16 100644 --- a/vendor/k8s.io/legacy-cloud-providers/azure/azure_backoff.go +++ b/vendor/k8s.io/legacy-cloud-providers/azure/azure_backoff.go @@ -273,6 +273,9 @@ func (az *Cloud) ListLB(service *v1.Service) ([]network.LoadBalancer, error) { rgName := az.getLoadBalancerResourceGroup() allLBs, rerr := az.LoadBalancerClient.List(ctx, rgName) if rerr != nil { + if rerr.IsNotFound() { + return nil, nil + } az.Event(service, v1.EventTypeWarning, "ListLoadBalancers", rerr.Error().Error()) klog.Errorf("LoadBalancerClient.List(%v) failure with err=%v", rgName, rerr) return nil, rerr.Error() @@ -288,6 +291,9 @@ func (az *Cloud) ListPIP(service *v1.Service, pipResourceGroup string) ([]networ allPIPs, rerr := az.PublicIPAddressesClient.List(ctx, pipResourceGroup) if rerr != nil { + if rerr.IsNotFound() { + return nil, nil + } az.Event(service, v1.EventTypeWarning, "ListPublicIPs", rerr.Error().Error()) klog.Errorf("PublicIPAddressesClient.List(%v) failure with err=%v", pipResourceGroup, rerr) return nil, rerr.Error() diff --git a/vendor/modules.txt b/vendor/modules.txt index 48ab95ff0..08d8ef5c4 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -546,6 +546,7 @@ github.com/golang/protobuf/ptypes/wrappers # github.com/google/btree v1.0.0 github.com/google/btree # github.com/google/cadvisor v0.37.5 +## explicit github.com/google/cadvisor/accelerators github.com/google/cadvisor/cache/memory github.com/google/cadvisor/collector @@ -1372,7 +1373,7 @@ gopkg.in/warnings.v0 gopkg.in/yaml.v2 # gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 gopkg.in/yaml.v3 -# k8s.io/api v0.19.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.19.10-k3s1 +# k8s.io/api v0.19.11 => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.19.11-k3s1 ## explicit k8s.io/api/admission/v1 k8s.io/api/admission/v1beta1 @@ -1418,7 +1419,7 @@ k8s.io/api/settings/v1alpha1 k8s.io/api/storage/v1 k8s.io/api/storage/v1alpha1 k8s.io/api/storage/v1beta1 -# k8s.io/apiextensions-apiserver v0.18.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.19.10-k3s1 +# k8s.io/apiextensions-apiserver v0.18.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.19.11-k3s1 k8s.io/apiextensions-apiserver/pkg/apihelpers k8s.io/apiextensions-apiserver/pkg/apis/apiextensions k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/install @@ -1458,7 +1459,7 @@ k8s.io/apiextensions-apiserver/pkg/generated/openapi k8s.io/apiextensions-apiserver/pkg/registry/customresource k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor k8s.io/apiextensions-apiserver/pkg/registry/customresourcedefinition -# k8s.io/apimachinery v0.19.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.19.10-k3s1 +# k8s.io/apimachinery v0.19.11 => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.19.11-k3s1 ## explicit k8s.io/apimachinery/pkg/api/equality k8s.io/apimachinery/pkg/api/errors @@ -1522,7 +1523,7 @@ k8s.io/apimachinery/pkg/watch k8s.io/apimachinery/third_party/forked/golang/json k8s.io/apimachinery/third_party/forked/golang/netutil k8s.io/apimachinery/third_party/forked/golang/reflect -# k8s.io/apiserver v0.19.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.19.10-k3s1 +# k8s.io/apiserver v0.19.11 => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.19.11-k3s1 ## explicit k8s.io/apiserver/pkg/admission k8s.io/apiserver/pkg/admission/configuration @@ -1650,7 +1651,7 @@ k8s.io/apiserver/plugin/pkg/audit/webhook k8s.io/apiserver/plugin/pkg/authenticator/token/oidc k8s.io/apiserver/plugin/pkg/authenticator/token/webhook k8s.io/apiserver/plugin/pkg/authorizer/webhook -# k8s.io/cli-runtime v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.19.10-k3s1 +# k8s.io/cli-runtime v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.19.11-k3s1 k8s.io/cli-runtime/pkg/genericclioptions k8s.io/cli-runtime/pkg/kustomize k8s.io/cli-runtime/pkg/kustomize/k8sdeps @@ -1663,7 +1664,7 @@ k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch k8s.io/cli-runtime/pkg/kustomize/k8sdeps/validator k8s.io/cli-runtime/pkg/printers k8s.io/cli-runtime/pkg/resource -# k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.19.10-k3s1 +# k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.19.11-k3s1 ## explicit k8s.io/client-go/discovery k8s.io/client-go/discovery/cached @@ -1902,7 +1903,7 @@ k8s.io/client-go/util/jsonpath k8s.io/client-go/util/keyutil k8s.io/client-go/util/retry k8s.io/client-go/util/workqueue -# k8s.io/cloud-provider v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.19.10-k3s1 +# k8s.io/cloud-provider v0.19.11 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.19.11-k3s1 ## explicit k8s.io/cloud-provider k8s.io/cloud-provider/api @@ -1915,13 +1916,13 @@ k8s.io/cloud-provider/service/helpers k8s.io/cloud-provider/volume k8s.io/cloud-provider/volume/errors k8s.io/cloud-provider/volume/helpers -# k8s.io/cluster-bootstrap v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.19.10-k3s1 +# k8s.io/cluster-bootstrap v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.19.11-k3s1 k8s.io/cluster-bootstrap/token/api k8s.io/cluster-bootstrap/token/jws k8s.io/cluster-bootstrap/token/util k8s.io/cluster-bootstrap/util/secrets k8s.io/cluster-bootstrap/util/tokens -# k8s.io/code-generator v0.18.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.19.10-k3s1 +# k8s.io/code-generator v0.18.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.19.11-k3s1 k8s.io/code-generator/cmd/client-gen/args k8s.io/code-generator/cmd/client-gen/generators k8s.io/code-generator/cmd/client-gen/generators/fake @@ -1936,7 +1937,7 @@ k8s.io/code-generator/cmd/lister-gen/args k8s.io/code-generator/cmd/lister-gen/generators k8s.io/code-generator/pkg/namer k8s.io/code-generator/pkg/util -# k8s.io/component-base v0.19.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.19.10-k3s1 +# k8s.io/component-base v0.19.11 => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.19.11-k3s1 ## explicit k8s.io/component-base/cli/flag k8s.io/component-base/cli/globalflag @@ -1960,11 +1961,11 @@ k8s.io/component-base/metrics/testutil k8s.io/component-base/term k8s.io/component-base/version k8s.io/component-base/version/verflag -# k8s.io/cri-api v0.19.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.19.10-k3s1 +# k8s.io/cri-api v0.19.11 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.19.11-k3s1 ## explicit k8s.io/cri-api/pkg/apis k8s.io/cri-api/pkg/apis/runtime/v1alpha2 -# k8s.io/csi-translation-lib v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.19.10-k3s1 +# k8s.io/csi-translation-lib v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.19.11-k3s1 k8s.io/csi-translation-lib k8s.io/csi-translation-lib/plugins # k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14 @@ -1982,7 +1983,7 @@ k8s.io/heapster/metrics/api/v1/types k8s.io/klog # k8s.io/klog/v2 v2.2.0 k8s.io/klog/v2 -# k8s.io/kube-aggregator v0.18.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.19.10-k3s1 +# k8s.io/kube-aggregator v0.18.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.19.11-k3s1 k8s.io/kube-aggregator/pkg/apis/apiregistration k8s.io/kube-aggregator/pkg/apis/apiregistration/install k8s.io/kube-aggregator/pkg/apis/apiregistration/v1 @@ -2010,7 +2011,7 @@ k8s.io/kube-aggregator/pkg/controllers/status k8s.io/kube-aggregator/pkg/registry/apiservice k8s.io/kube-aggregator/pkg/registry/apiservice/etcd k8s.io/kube-aggregator/pkg/registry/apiservice/rest -# k8s.io/kube-controller-manager v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.19.10-k3s1 +# k8s.io/kube-controller-manager v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.19.11-k3s1 k8s.io/kube-controller-manager/config/v1alpha1 # k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6 k8s.io/kube-openapi/pkg/aggregator @@ -2021,13 +2022,13 @@ k8s.io/kube-openapi/pkg/schemaconv k8s.io/kube-openapi/pkg/util k8s.io/kube-openapi/pkg/util/proto k8s.io/kube-openapi/pkg/util/proto/validation -# k8s.io/kube-proxy v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.19.10-k3s1 +# k8s.io/kube-proxy v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.19.11-k3s1 k8s.io/kube-proxy/config/v1alpha1 -# k8s.io/kube-scheduler v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.19.10-k3s1 +# k8s.io/kube-scheduler v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.19.11-k3s1 k8s.io/kube-scheduler/config/v1 k8s.io/kube-scheduler/config/v1beta1 k8s.io/kube-scheduler/extender/v1 -# k8s.io/kubectl v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.19.10-k3s1 +# k8s.io/kubectl v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.19.11-k3s1 k8s.io/kubectl/pkg/apps k8s.io/kubectl/pkg/cmd k8s.io/kubectl/pkg/cmd/annotate @@ -2103,11 +2104,11 @@ k8s.io/kubectl/pkg/util/storage k8s.io/kubectl/pkg/util/templates k8s.io/kubectl/pkg/util/term k8s.io/kubectl/pkg/validation -# k8s.io/kubelet v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.19.10-k3s1 +# k8s.io/kubelet v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.19.11-k3s1 k8s.io/kubelet/config/v1beta1 k8s.io/kubelet/pkg/apis/deviceplugin/v1beta1 k8s.io/kubelet/pkg/apis/pluginregistration/v1 -# k8s.io/kubernetes v1.19.10 => github.com/k3s-io/kubernetes v1.19.10-k3s1 +# k8s.io/kubernetes v1.19.11 => github.com/k3s-io/kubernetes v1.19.11-k3s1 ## explicit k8s.io/kubernetes/cmd/cloud-controller-manager/app k8s.io/kubernetes/cmd/cloud-controller-manager/app/apis/config @@ -2846,7 +2847,7 @@ k8s.io/kubernetes/third_party/forked/gonum/graph k8s.io/kubernetes/third_party/forked/gonum/graph/internal/linear k8s.io/kubernetes/third_party/forked/gonum/graph/simple k8s.io/kubernetes/third_party/forked/gonum/graph/traverse -# k8s.io/legacy-cloud-providers v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.19.10-k3s1 +# k8s.io/legacy-cloud-providers v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.19.11-k3s1 k8s.io/legacy-cloud-providers/aws k8s.io/legacy-cloud-providers/azure k8s.io/legacy-cloud-providers/azure/auth @@ -2888,7 +2889,7 @@ k8s.io/legacy-cloud-providers/openstack k8s.io/legacy-cloud-providers/vsphere k8s.io/legacy-cloud-providers/vsphere/vclib k8s.io/legacy-cloud-providers/vsphere/vclib/diskmanagers -# k8s.io/metrics v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.19.10-k3s1 +# k8s.io/metrics v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.19.11-k3s1 k8s.io/metrics/pkg/apis/custom_metrics k8s.io/metrics/pkg/apis/custom_metrics/v1beta1 k8s.io/metrics/pkg/apis/custom_metrics/v1beta2 @@ -2905,6 +2906,7 @@ k8s.io/metrics/pkg/client/custom_metrics k8s.io/metrics/pkg/client/custom_metrics/scheme k8s.io/metrics/pkg/client/external_metrics # k8s.io/utils v0.0.0-20200729134348-d5654de09c73 +## explicit k8s.io/utils/buffer k8s.io/utils/clock k8s.io/utils/exec @@ -2978,6 +2980,7 @@ vbom.ml/util/sortorder # github.com/matryer/moq => github.com/rancher/moq v0.0.0-20190404221404-ee5226d43009 # github.com/opencontainers/runc => github.com/opencontainers/runc v1.0.0-rc92 # github.com/opencontainers/runtime-spec => github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6 +# github.com/rancher/k3s/pkg/data => ./pkg/data # go.etcd.io/etcd => github.com/k3s-io/etcd v0.5.0-alpha.5.0.20201208200253-50621aee4aea # golang.org/x/crypto => golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0 # golang.org/x/net => golang.org/x/net v0.0.0-20201110031124-69a78807bb2b @@ -2985,29 +2988,29 @@ vbom.ml/util/sortorder # google.golang.org/genproto => google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63 # google.golang.org/grpc => google.golang.org/grpc v1.27.1 # gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 -# k8s.io/api => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.19.10-k3s1 -# k8s.io/apiextensions-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.19.10-k3s1 -# k8s.io/apimachinery => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.19.10-k3s1 -# k8s.io/apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.19.10-k3s1 -# k8s.io/cli-runtime => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.19.10-k3s1 -# k8s.io/client-go => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.19.10-k3s1 -# k8s.io/cloud-provider => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.19.10-k3s1 -# k8s.io/cluster-bootstrap => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.19.10-k3s1 -# k8s.io/code-generator => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.19.10-k3s1 -# k8s.io/component-base => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.19.10-k3s1 -# k8s.io/cri-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.19.10-k3s1 -# k8s.io/csi-translation-lib => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.19.10-k3s1 -# k8s.io/kube-aggregator => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.19.10-k3s1 -# k8s.io/kube-controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.19.10-k3s1 -# k8s.io/kube-proxy => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.19.10-k3s1 -# k8s.io/kube-scheduler => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.19.10-k3s1 -# k8s.io/kubectl => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.19.10-k3s1 -# k8s.io/kubelet => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.19.10-k3s1 -# k8s.io/kubernetes => github.com/k3s-io/kubernetes v1.19.10-k3s1 -# k8s.io/legacy-cloud-providers => github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.19.10-k3s1 -# k8s.io/metrics => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.19.10-k3s1 -# k8s.io/node-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/node-api v1.19.10-k3s1 -# k8s.io/sample-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.19.10-k3s1 -# k8s.io/sample-cli-plugin => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-cli-plugin v1.19.10-k3s1 -# k8s.io/sample-controller => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-controller v1.19.10-k3s1 +# k8s.io/api => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.19.11-k3s1 +# k8s.io/apiextensions-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.19.11-k3s1 +# k8s.io/apimachinery => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.19.11-k3s1 +# k8s.io/apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.19.11-k3s1 +# k8s.io/cli-runtime => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.19.11-k3s1 +# k8s.io/client-go => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.19.11-k3s1 +# k8s.io/cloud-provider => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.19.11-k3s1 +# k8s.io/cluster-bootstrap => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.19.11-k3s1 +# k8s.io/code-generator => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.19.11-k3s1 +# k8s.io/component-base => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.19.11-k3s1 +# k8s.io/cri-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.19.11-k3s1 +# k8s.io/csi-translation-lib => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.19.11-k3s1 +# k8s.io/kube-aggregator => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.19.11-k3s1 +# k8s.io/kube-controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.19.11-k3s1 +# k8s.io/kube-proxy => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.19.11-k3s1 +# k8s.io/kube-scheduler => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.19.11-k3s1 +# k8s.io/kubectl => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.19.11-k3s1 +# k8s.io/kubelet => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.19.11-k3s1 +# k8s.io/kubernetes => github.com/k3s-io/kubernetes v1.19.11-k3s1 +# k8s.io/legacy-cloud-providers => github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.19.11-k3s1 +# k8s.io/metrics => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.19.11-k3s1 +# k8s.io/node-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/node-api v1.19.11-k3s1 +# k8s.io/sample-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.19.11-k3s1 +# k8s.io/sample-cli-plugin => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-cli-plugin v1.19.11-k3s1 +# k8s.io/sample-controller => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-controller v1.19.11-k3s1 # mvdan.cc/unparam => mvdan.cc/unparam v0.0.0-20190209190245-fbb59629db34