Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Readability log controller runtime upgrade #448

Merged
merged 1 commit into from
Nov 28, 2022
Merged

Readability log controller runtime upgrade #448

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
125 changes: 86 additions & 39 deletions config/components/crd/bases/kueue.x-k8s.io_workloads.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1648,13 +1648,13 @@ spec:
type: string
ports:
description: List of ports to expose from the container.
Exposing a port here gives the system additional
information about the network connections a container
uses, but is primarily informational. Not specifying
a port here DOES NOT prevent that port from being
exposed. Any port which is listening on the default
"0.0.0.0" address inside a container will be accessible
from the network. Cannot be updated.
Not specifying a port here DOES NOT prevent that
port from being exposed. Any port which is listening
on the default "0.0.0.0" address inside a container
will be accessible from the network. Modifying this
array with strategic merge patch may corrupt the
data. For more information See https://github.com/kubernetes/kubernetes/issues/108255.
Cannot be updated.
items:
description: ContainerPort represents a network
port in a single container.
Expand Down Expand Up @@ -2433,9 +2433,7 @@ spec:
list cannot be specified when creating a pod, and it cannot
be modified by updating the pod spec. In order to add
an ephemeral container to an existing pod, use the pod's
ephemeralcontainers subresource. This field is beta-level
and available on clusters that haven't disabled the EphemeralContainers
feature gate.
ephemeralcontainers subresource.
items:
description: "An EphemeralContainer is a temporary container
that you may add to an existing Pod for user-initiated
Expand All @@ -2446,9 +2444,7 @@ spec:
container causes the Pod to exceed its resource allocation.
\n To add an ephemeral container, use the ephemeralcontainers
subresource of an existing Pod. Ephemeral containers
may not be removed or restarted. \n This is a beta feature
available on clusters that haven't disabled the EphemeralContainers
feature gate."
may not be removed or restarted."
properties:
args:
description: 'Arguments to the entrypoint. The image''s
Expand Down Expand Up @@ -3799,6 +3795,19 @@ spec:
description: 'Use the host''s pid namespace. Optional: Default
to false.'
type: boolean
hostUsers:
description: 'Use the host''s user namespace. Optional:
Default to true. If set to true or not present, the pod
will be run in the host user namespace, useful for when
the pod needs a feature only available to the host user
namespace, such as loading a kernel module with CAP_SYS_MODULE.
When set to false, a new userns is created for the pod.
Setting false is useful for mitigating container breakout
vulnerabilities even allowing users to run their containers
as root without actually having root privileges on the
host. This field is alpha-level and is only honored by
servers that enable the UserNamespacesSupport feature.'
type: boolean
hostname:
description: Specifies the hostname of the Pod If not specified,
the pod's hostname will be set to a system-defined value.
Expand Down Expand Up @@ -4440,13 +4449,13 @@ spec:
type: string
ports:
description: List of ports to expose from the container.
Exposing a port here gives the system additional
information about the network connections a container
uses, but is primarily informational. Not specifying
a port here DOES NOT prevent that port from being
exposed. Any port which is listening on the default
"0.0.0.0" address inside a container will be accessible
from the network. Cannot be updated.
Not specifying a port here DOES NOT prevent that
port from being exposed. Any port which is listening
on the default "0.0.0.0" address inside a container
will be accessible from the network. Modifying this
array with strategic merge patch may corrupt the
data. For more information See https://github.com/kubernetes/kubernetes/issues/108255.
Cannot be updated.
items:
description: ContainerPort represents a network
port in a single container.
Expand Down Expand Up @@ -5187,18 +5196,17 @@ spec:
is set. \n If the OS field is set to linux, the following
fields must be unset: -securityContext.windowsOptions
\n If the OS field is set to windows, following fields
must be unset: - spec.hostPID - spec.hostIPC - spec.securityContext.seLinuxOptions
- spec.securityContext.seccompProfile - spec.securityContext.fsGroup
- spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls
- spec.shareProcessNamespace - spec.securityContext.runAsUser
- spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups
- spec.containers[*].securityContext.seLinuxOptions -
spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities
- spec.containers[*].securityContext.readOnlyRootFilesystem
must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers
- spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile
- spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy
- spec.securityContext.sysctls - spec.shareProcessNamespace
- spec.securityContext.runAsUser - spec.securityContext.runAsGroup
- spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions
- spec.containers[*].securityContext.seccompProfile -
spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem
- spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation
- spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser
- spec.containers[*].securityContext.runAsGroup This is
a beta field and requires the IdentifyPodOS feature"
- spec.containers[*].securityContext.runAsGroup"
properties:
name:
description: 'Name is the name of the operating system.
Expand Down Expand Up @@ -5622,6 +5630,20 @@ spec:
type: object
type: object
x-kubernetes-map-type: atomic
matchLabelKeys:
description: MatchLabelKeys is a set of pod label
keys to select the pods over which spreading will
be calculated. The keys are used to lookup values
from the incoming pod labels, those key-value labels
are ANDed with labelSelector to select the group
of existing pods over which spreading will be calculated
for the incoming pod. Keys that don't exist in the
incoming pod labels will be ignored. A null or empty
list means only match against labelSelector.
items:
type: string
type: array
x-kubernetes-list-type: atomic
maxSkew:
description: 'MaxSkew describes the degree to which
pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`,
Expand Down Expand Up @@ -5669,10 +5691,34 @@ spec:
cannot be scheduled, because computed skew will
be 3(3 - 0) if new Pod is scheduled to any of the
three zones, it will violate MaxSkew. \n This is
an alpha field and requires enabling MinDomainsInPodTopologySpread
feature gate."
a beta field and requires the MinDomainsInPodTopologySpread
feature gate to be enabled (enabled by default)."
format: int32
type: integer
nodeAffinityPolicy:
description: "NodeAffinityPolicy indicates how we
will treat Pod's nodeAffinity/nodeSelector when
calculating pod topology spread skew. Options are:
- Honor: only nodes matching nodeAffinity/nodeSelector
are included in the calculations. - Ignore: nodeAffinity/nodeSelector
are ignored. All nodes are included in the calculations.
\n If this value is nil, the behavior is equivalent
to the Honor policy. This is a alpha-level feature
enabled by the NodeInclusionPolicyInPodTopologySpread
feature flag."
type: string
nodeTaintsPolicy:
description: "NodeTaintsPolicy indicates how we will
treat node taints when calculating pod topology
spread skew. Options are: - Honor: nodes without
taints, along with tainted nodes for which the incoming
pod has a toleration, are included. - Ignore: node
taints are ignored. All nodes are included. \n If
this value is nil, the behavior is equivalent to
the Ignore policy. This is a alpha-level feature
enabled by the NodeInclusionPolicyInPodTopologySpread
feature flag."
type: string
topologyKey:
description: TopologyKey is the key of node labels.
Nodes that have a label with this key and identical
Expand All @@ -5681,11 +5727,12 @@ spec:
try to put balanced number of pods into each bucket.
We define a domain as a particular instance of a
topology. Also, we define an eligible domain as
a domain whose nodes match the node selector. e.g.
If TopologyKey is "kubernetes.io/hostname", each
Node is a domain of that topology. And, if TopologyKey
is "topology.kubernetes.io/zone", each zone is a
domain of that topology. It's a required field.
a domain whose nodes meet the requirements of nodeAffinityPolicy
and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname",
each Node is a domain of that topology. And, if
TopologyKey is "topology.kubernetes.io/zone", each
zone is a domain of that topology. It's a required
field.
type: string
whenUnsatisfiable:
description: 'WhenUnsatisfiable indicates how to deal
Expand Down Expand Up @@ -7453,8 +7500,8 @@ spec:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
type FooStatus struct{ // Represents the observations of a foo's
current state. // Known .status.conditions.type are: \"Available\",
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
Expand Down
39 changes: 20 additions & 19 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,21 +10,21 @@ require (
github.com/open-policy-agent/cert-controller v0.5.0
github.com/prometheus/client_golang v1.13.0
go.uber.org/zap v1.23.0
k8s.io/api v0.24.8
k8s.io/apimachinery v0.24.8
k8s.io/client-go v0.24.8
k8s.io/component-base v0.24.8
k8s.io/component-helpers v0.24.8
k8s.io/klog/v2 v2.60.1
k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9
sigs.k8s.io/controller-runtime v0.12.3
k8s.io/api v0.25.4
k8s.io/apimachinery v0.25.4
k8s.io/client-go v0.25.4
k8s.io/component-base v0.25.4
k8s.io/component-helpers v0.25.4
k8s.io/klog/v2 v2.70.1
k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed
sigs.k8s.io/controller-runtime v0.13.1
)

require (
cloud.google.com/go/compute v1.2.0 // indirect
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
github.com/Azure/go-autorest/autorest v0.11.24 // indirect
github.com/Azure/go-autorest/autorest/adal v0.9.18 // indirect
github.com/Azure/go-autorest/autorest v0.11.27 // indirect
github.com/Azure/go-autorest/autorest/adal v0.9.20 // indirect
github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
github.com/Azure/go-autorest/logger v0.2.1 // indirect
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
Expand All @@ -34,10 +34,11 @@ require (
github.com/blang/semver/v4 v4.0.0 // indirect
github.com/cespare/xxhash/v2 v2.1.2 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/emicklei/go-restful v2.9.5+incompatible // indirect
github.com/emicklei/go-restful/v3 v3.8.0 // indirect
github.com/evanphx/json-patch v5.6.0+incompatible // indirect
github.com/fsnotify/fsnotify v1.5.1 // indirect
github.com/go-logr/zapr v1.2.2 // indirect
github.com/evanphx/json-patch/v5 v5.6.0 // indirect
github.com/fsnotify/fsnotify v1.5.4 // indirect
github.com/go-logr/zapr v1.2.3 // indirect
github.com/go-openapi/jsonpointer v0.19.5 // indirect
github.com/go-openapi/jsonreference v0.19.5 // indirect
github.com/go-openapi/swag v0.19.14 // indirect
Expand All @@ -63,22 +64,22 @@ require (
github.com/spf13/pflag v1.0.5 // indirect
go.uber.org/atomic v1.9.0 // indirect
go.uber.org/multierr v1.7.0 // indirect
golang.org/x/crypto v0.0.0-20220214200702-86341886e292 // indirect
golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd // indirect
golang.org/x/net v0.1.0 // indirect
golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect
golang.org/x/sys v0.2.0 // indirect
golang.org/x/term v0.1.0 // indirect
golang.org/x/text v0.4.0 // indirect
golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect
golang.org/x/time v0.0.0-20220609170525-579cf78fd858 // indirect
gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.28.1 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
k8s.io/apiextensions-apiserver v0.24.2 // indirect
k8s.io/kube-openapi v0.0.0-20220328201542-3ee0da9b0b42 // indirect
sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect
k8s.io/apiextensions-apiserver v0.25.0 // indirect
k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
sigs.k8s.io/yaml v1.3.0 // indirect
)