Rust Kubernetes client and controller runtime
APACHE-2.0 License
Bot releases are visible (Hide)
kube::client::Body
Improvementssize_hint
and is_end_stream
implemented in #1452 + internal cleanups #1453 and #1455rustls
to 0.23 in #1457once_cell
removed in #1447 (no longer needed)futures
feature prune in #1442chrono
features prune in #1448, and bump its min version pin in #1458Body::collect_bytes
for easier unit tests by @clux in https://github.com/kube-rs/kube/pull/1445
rustls
0.23 by @tottoto in https://github.com/kube-rs/kube/pull/1457
futures
feature by @tottoto in https://github.com/kube-rs/kube/pull/1442
Body::empty
for easier tests by @clux in https://github.com/kube-rs/kube/pull/1444
once_cell
Lazy with ordinary static by @tottoto in https://github.com/kube-rs/kube/pull/1447
chrono
feature clock
with now
by @tottoto in https://github.com/kube-rs/kube/pull/1448
http_body
trait method by @tottoto in https://github.com/kube-rs/kube/pull/1452
chrono
version by @clux in https://github.com/kube-rs/kube/pull/1458
Full Changelog: https://github.com/kube-rs/kube/compare/0.89.0...0.90.0
Published by github-actions[bot] 7 months ago
hyper
and http
to 1.0 and MSRV to 1.75.0
This release completes the hyper & http ecosystem upgrade #1351 via #1438. In particular, this change includes upgrades to http
, http-body
, tower-http
, hyper
, hyper-openssl
, hyper-rustls
, hyper-socks2
, hyper-timeout
, tame-oauth
, tokio-tungstenite
, tower-http
, rustls
, rustls-pemfile
, as well as adopting the new hyper_util
and http_body_util
to make the change.
While this change constitutes significant internal churn (and a new kube::client::Body
), our external api remains largely unchanged. Some minor changes are necessary for custom clients, and for integration testing using tower_mock
. See the controller-rs upgrade pr or the examples folder in this commit for details.
Client::get
and Client::list
by @clux in https://github.com/kube-rs/kube/pull/1375
1.75.0
by @clux in https://github.com/kube-rs/kube/pull/1408
reflector
to only request identifying metadata by @SOF3 in https://github.com/kube-rs/kube/pull/1393
jsonpath-rust
to 0.5.0 by @clux in https://github.com/kube-rs/kube/pull/1429
Kubeconfig
allow certificate_authority_data
not present in ExecAuthCluster
by @ljun20160606 in https://github.com/kube-rs/kube/pull/1432
Client::request_stream
by @XciD in https://github.com/kube-rs/kube/pull/1433
Full Changelog: https://github.com/kube-rs/kube/compare/0.88.1...0.89.0
Published by github-actions[bot] 9 months ago
This is a bug fix release for a deserialization issue introduced in 0.88.0.
ObjectList
by @flavio in https://github.com/kube-rs/kube/pull/1398
Full Changelog: https://github.com/kube-rs/kube/compare/0.88.0...0.88.1
Published by github-actions[bot] 9 months ago
v1_29
support via k8s-openapi
0.21
Please upgrade k8s-openapi along with kube to avoid conflicts.
k8s-openapi
for Kubernetes v1_29
support by @clux in https://github.com/kube-rs/kube/pull/1394
Full Changelog: https://github.com/kube-rs/kube/compare/0.87.2...0.88.0
Published by github-actions[bot] 10 months ago
LogParams::since_time
by @clux in https://github.com/kube-rs/kube/pull/1342
jsonpath_lib
to jsonpath-rust
by @ilya-bobyr in https://github.com/kube-rs/kube/pull/1345
Full Changelog: https://github.com/kube-rs/kube/compare/0.87.1...0.87.2
Published by github-actions[bot] 12 months ago
Controller
issue with reconciliation requests disappearing when using concurrency
#1324Client
with better exec auth behaviour #1320, timeout control #1314, and socks5 proxy handling #1311syn
2 #1307Big thanks to everyone involved 🎃
socks5
proxy in Client
by @Razz4780 in https://github.com/kube-rs/kube/pull/1311
Controller::reconcile_on
and remove Err
input requirement by @clux in https://github.com/kube-rs/kube/pull/1304
base64
to 0.21
by @clux in https://github.com/kube-rs/kube/pull/1308
darling
and syn
and rename #[kube(struct)]
by @clux in https://github.com/kube-rs/kube/pull/1307
KUBERNETES_EXEC_INFO
environment variable passed to auth plugins by @Razz4780 in https://github.com/kube-rs/kube/pull/1320
Controller
: pending messages are stuck in the scheduled
map by @co42 in https://github.com/kube-rs/kube/pull/1324
Full Changelog: https://github.com/kube-rs/kube/compare/0.86.0...0.87.1
Published by github-actions[bot] about 1 year ago
v1_28
Please note upstream api removals.
As usual, upgrade k8s-openapi along with kube to avoid issues.
rustls
With last year's upstream changes from rustls (closing all our existing rustls issues - see https://github.com/kube-rs/kube/issues/1192), this is now the better choice for security, features, and ease of building. The previous default openssl stack can still be used with default-features = false
plus the openssl-tls
feature.
A controller Config
has been added to allow tweaking two behaviour parameters (debouncing in #1265 and concurrency limits in #1277) of the Controller
. Huge thanks to @aryan9600 for his work.
The sendInitialEvents
alpha feature is now supported, and is quickly testable in the pod_watcher example when using the feature gate. This will help optimise the memory profile of controllers when the feature becomes generally available. Amazing work by first time contributor @casualjim.
controller::Config
and debounce period to scheduler by @aryan9600 in https://github.com/kube-rs/kube/pull/1265
rustls-tls
by @clux in https://github.com/kube-rs/kube/pull/1261
core
: omit invalid resource version parameters when doing paged requests by @goenning in https://github.com/kube-rs/kube/pull/1281
Full Changelog: https://github.com/kube-rs/kube/compare/0.85.0...0.86.0
Published by github-actions[bot] about 1 year ago
This release brings in the new k8s-openapi
release.
Be sure to upgrade k8s-openapi
and kube
simultaneously to avoid multiple version errors:
cargo upgrade -p k8s-openapi -p kube -i
WatchStreamExt::reflect
to allow chaining on a reflector by @clux in https://github.com/kube-rs/kube/pull/1252
dirs-next
dependency to cargo-team maintained home
crate by @utkarshgupta137 in https://github.com/kube-rs/kube/pull/1207
k8s-openapi
to 0.19.0
for v1_27
support by @clux in https://github.com/kube-rs/kube/pull/1271
watcher
: return NoResourceVersion
error if resource version is empty by @aryan9600 in https://github.com/kube-rs/kube/pull/1259
scheduler
message when preponing by @nightkr in https://github.com/kube-rs/kube/pull/1260
Full Changelog: https://github.com/kube-rs/kube/compare/0.84.0...0.85.0
Published by github-actions[bot] over 1 year ago
On the runtime
side, the Controller
now delays reconciles until the main Store
is ready (via a new Store
helper from #1243). The stream selection for owned resources is more efficient (#1240), and the underlying watcher
streams now all paginate (#1249). There are also many new WatchStreamExt
helpers ( #1246 + #1228 + #1232) as a continued work towards the more customisable streams-api (#1080).
On the client-side; streaming logs are now easier to deal with as an AsyncBufRead
#1235.
Optional OIDC refreshable token support was introduced in #1229 under kube/oidc
for out-of-cluster Client
configuration. Previously, refresh support was limited to non-OIDC tokens from the GcpOuth
provider (kube/oauth
) or through arbitrary exec
calls / TokenFile
loading.
Predicate
trait to allow combination + fallbacks by @clux in https://github.com/kube-rs/kube/pull/1228
WatchStreamExt::default_backoff
shorthand by @clux in https://github.com/kube-rs/kube/pull/1232
PartialEq
on core
params structs by @danrspencer in https://github.com/kube-rs/kube/pull/1237
WatchStreamExt::modify()
to modify events by @aryan9600 in https://github.com/kube-rs/kube/pull/1246
watcher
by @clux in https://github.com/kube-rs/kube/pull/1249
Api::log_stream
to return AsyncBufRead
by @aryan9600 in https://github.com/kube-rs/kube/pull/1235
Controller::owns
use metadata_watcher
internally by @clux in https://github.com/kube-rs/kube/pull/1240
Full Changelog: https://github.com/kube-rs/kube/compare/0.83.0...0.84.0
Published by github-actions[bot] over 1 year ago
Controller::reconcile_on
by @co42 in https://github.com/kube-rs/kube/pull/1163
predicates::resource_version
by @clux in https://github.com/kube-rs/kube/pull/1221
Duration
to kube-core
by @hawkw in https://github.com/kube-rs/kube/pull/1224
GetParams
support by @mateiidavid in https://github.com/kube-rs/kube/pull/1214
validator
for garde
by @mateiidavid in https://github.com/kube-rs/kube/pull/1212
#[kube(crates(serde = "some_crate::serde"))]
was not working by @chubei in https://github.com/kube-rs/kube/pull/1215
Full Changelog: https://github.com/kube-rs/kube/compare/0.82.2...0.83.0
Published by github-actions[bot] over 1 year ago
Two fixes to allow watcher::Config
to function as intended.
runtime::watcher
: only set rv if semantic is any by @goenning in https://github.com/kube-rs/kube/pull/1204
watcher::Config
: Derive Clone
+ Debug
+ PartialEq
by @clux in https://github.com/kube-rs/kube/pull/1206
Full Changelog: https://github.com/kube-rs/kube/compare/0.82.1...0.82.2
Published by github-actions[bot] over 1 year ago
nullable
is re-instated on Option
types from CustomResource
generated schemas, due to unintended errors removing it caused on Api::patch
calls on None
members that were not setting #[serde(skip_serializing_if = "Option::is_none")]
. This only affected 0.81 and 0.82 from last week, and does not require user action regardless of where you are upgrading from.
This release also fixes a metadata_watcher
triggering deserialization error from doing Api::list_metadata
on an empty set.
WatchParams
bookmarks for watch_metadata
by @clux in https://github.com/kube-rs/kube/pull/1193
ObjectList
not deserializing items: null
by @suryapandian in https://github.com/kube-rs/kube/pull/1199
option_nullable
for CRD generation" by @Dav1dde in https://github.com/kube-rs/kube/pull/1201
Full Changelog: https://github.com/kube-rs/kube/compare/0.82.0...0.82.1
Published by github-actions[bot] over 1 year ago
This release brings in the new k8s-openapi
release.
Be sure to upgrade k8s-openapi
and kube
simultaneously to avoid multiple version errors:
cargo upgrade -p k8s-openapi -p kube -i
serde_yaml
to 0.9 by @clux in https://github.com/kube-rs/kube/pull/1188
k8s-openapi
to 0.18.0 by @clux in https://github.com/kube-rs/kube/pull/1190
Full Changelog: https://github.com/kube-rs/kube/compare/0.81.0...0.82.0
Published by github-actions[bot] over 1 year ago
One big change is the splitting of ListParams
into ListParams
and WatchParams
in #1162 and #1171. If you were using api.list
directly, this should not affect you, but api.watch
calls will need a replace of ListParams
to WatchParams
. Apart from the resulting field splitting, the two structs still have a mostly compatible api.
If you were passing ListParams
to watcher
or Controller
, you can change this for a new watcher::Config
with a mostly compatible interface:
- let stream = watcher(api, ListParams::default());
+ let stream = watcher(api, watcher::Config::default());
The reason for this change has been to add support for specific version match strategies and has new builders on both ListParams
and watcher::Config
to control the strategy. Using the new VersionMatch::NotOlderThan
can reduce strain on the apiserver for individual api.list
calls. Watchers will benefit the most from this, and should consider using the semantic Any
strategy (= NotOlderThan
with version "0") on all relists by setting watcher::Config::any_semantic()
.
This release closes all our rustls issues as a consequence of the long standing IP address incompatibility (#153) having been resolved upstream. All rustls
specific overrides (such as using the deprecated incluster_dns
strategy for configuration #1184) have been removed as a result.
Multiple new runtime
features have been added to be able to more precisely control the input streams used by Controller
a starting step towards stream sharing (#1080) and as a way to reduce excess input events. Because these interfaces are likely to remain in flux for some time, these are only available under unstable feature flags.
predicates
to allow filtering watcher
streams by @clux in https://github.com/kube-rs/kube/pull/911
Controller::owns_stream
by @Dav1dde in https://github.com/kube-rs/kube/pull/1173
Controller::for_stream
+ Controller::watches_stream
by @clux in https://github.com/kube-rs/kube/pull/1187
ListParams
and WatchParams
by @nabokihms in https://github.com/kube-rs/kube/pull/1162
VersionMatch
follow upstream + configure list semantics in watcher::Config
by @clux in https://github.com/kube-rs/kube/pull/1171
option_nullable
for CRD generation by @Dav1dde in https://github.com/kube-rs/kube/pull/1079
rustls
CI against IP cluster address by @clux in https://github.com/kube-rs/kube/pull/1183
Config::incluster
behavior for rustls
by @clux in https://github.com/kube-rs/kube/pull/1184
Full Changelog: https://github.com/kube-rs/kube/compare/0.80.0...0.81.0
Published by github-actions[bot] over 1 year ago
The PartialObjectMeta
struct has been changed to allow static dispatch through a new generic parameter. It comes with a new PartialObjectMetaExt
trait to help construct it.
Early release for the above change to the new metadata api, plus a trigger for our currently broken docs.rs.
PartialObjectMeta
over the underlying Resource
by @clux in https://github.com/kube-rs/kube/pull/1152
Full Changelog: https://github.com/kube-rs/kube/compare/0.79.0...0.80.0
Published by github-actions[bot] over 1 year ago
A big feature this time around is the added support for the metadata api via #1137. This is a variant api that only returns the ObjectMeta
and TypeMeta
to reduce network load, and has a low-level watch analogue available at Api::watch_metadata
. Most users will generally want an infinite watch stream rather than the low-level method, so kube::runtime::metadata_watcher
has been added as a direct analogue of watcher
via #1145. The dynamic_watcher example shows how to switch between the two to get up and running.
The watcher
also emits warnings now when HTTP 403
s are encountered from Kubernetes, as this usually indicates a non-transient misconfiguration that must be fixed on the administrator side with RBAC.
Finally, there is work in progress on shared streams via WatchStreamExt
from #1131 under an unstable feature.
default_namespace()
by @jpmcb in https://github.com/kube-rs/kube/pull/1123
WatchStreamExt::subscribe
by @danrspencer in https://github.com/kube-rs/kube/pull/1131
Config
: make cluster/users/clusters optional by @goenning in https://github.com/kube-rs/kube/pull/1120
Full Changelog: https://github.com/kube-rs/kube/compare/0.78.0...0.79.0
Published by github-actions[bot] almost 2 years ago
This release brings in the new k8s-openapi
release for 1.26
structs, and sets our MK8SV to 1.21
.
Be sure to upgrade k8s-openapi
and kube
simultaneously to avoid multiple version errors:
cargo upgrade -p k8s-openapi -p kube -i
Store
by @eliad-wiz in https://github.com/kube-rs/kube/pull/1111
[email protected]
and MK8SV by @clux in https://github.com/kube-rs/kube/pull/1116
Config::timeout
by @clux in https://github.com/kube-rs/kube/pull/1113
Full Changelog: https://github.com/kube-rs/kube/compare/0.77.0...0.78.0
Published by github-actions[bot] almost 2 years ago
This release saw numerous improvements across various parts of the codebase with lots of help from external contributors. Look for improvements in error handling, client exec behaviour, dynamic object conversion, certificate handling, and last, but not least; lots of enhancements in the config
module. Huge thanks to everyone who contributed!
Config
EnhancementsKubeconfigs relying on ExecConfig
for auth should now work with a lot more cases (with improvements to script interactivity, cert passing, env-drop, and windows behaviour). We further aligned our Kubeconfig
parsing with client-go's behaviour, and also exposed Kubeconfig::merge
. Finally, we now pass Config::tls_server_name
through to the Client
, which has let us include a better rustls workaround for the long-standing ip issue (enabled by default).
DynamicObjects::try_parse
for typed object conversion by @jmintb in https://github.com/kube-rs/kube/pull/1061
ExecConfig::drop_env
to filter host evars for auth providers by @aviramha in https://github.com/kube-rs/kube/pull/1062
Kubeconfig::merge
fn to public. by @goenning in https://github.com/kube-rs/kube/pull/1100
Config::tls_server_name
and validate when using rustls by @clux in https://github.com/kube-rs/kube/pull/1104
ResourceExt::name
by @clux in https://github.com/kube-rs/kube/pull/1105
watcher
when kinds do not support watch by @clux in https://github.com/kube-rs/kube/pull/1101
Full Changelog: https://github.com/kube-rs/kube/compare/0.76.0...0.77.0
Published by github-actions[bot] almost 2 years ago
#[derive(CustomResource)]
now supports schemas with untagged enums
Expanding on our existing support for storing Rust's struct enums in CRDs, Kube will now try to convert #[serde(untagged)]
enums as well. Note that if the same field is present in multiple untagged variants then they must all have the same shape.
try_flatten_*
functions
These have been deprecated since 0.72, and are replaced by the equivalent WatchStreamExt
methods.
Controller::watches
by @Dav1dde in https://github.com/kube-rs/kube/pull/1026
ApiGroup::resources_by_stability
by @imuxin in https://github.com/kube-rs/kube/pull/1022
try_flatten_
helpers by @clux in https://github.com/kube-rs/kube/pull/1019
native-tls
feature by @kazk in https://github.com/kube-rs/kube/pull/1044
Full Changelog: https://github.com/kube-rs/kube/compare/0.75.0...0.76.0
Published by github-actions[bot] about 2 years ago
k8s-openapi
to 0.16 for Kubernetes 1.25
The update to [email protected] makes this the first release with tentative Kubernetes 1.25 support.
While the new structs and apis now exist, we recommend holding off on using 1.25 until a deserialization bug in the apiserver is resolved upstream. See #997 / #1008 for details.
To upgrade, ensure you bump both kube
and k8s-openapi
:
cargo upgrade kube k8s-openapi
Config::incluster
default to connect in cluster
Our previous default of connecting to the Kubernetes apiserver via kubernetes.default.svc
has been reverted back to use the old environment variables after Kubernetes updated their position that the environment variables are not legacy. This does unfortunately regress on rustls
support, so for those users we have included a Config::incluster_dns
to work around the old rustls issue while it is open.
error_policy
extension
The error_policy
fn now has access to the object
that failed the reconciliation to ease metric creation / failure attribution. The following change is needed on the user side:
-fn error_policy(error: &Error, ctx: Arc<Data>) -> Action {
+fn error_policy(_obj: Arc<YourObject>, error: &Error, ctx: Arc<Data>) -> Action {
There are also a slew of ergonomics improvements, closing of gaps in subresources, adding initial support for ConversionReview
, making Api::namespaced
impossible to use for non-namepaced resources (a common pitfall), as well as many great fixes to the edge cases in portforwarding and finalizers. Many of these changes came from first time contributors. A huge thank you to everyone involved.
Config::auth_info
public by @danrspencer in https://github.com/kube-rs/kube-rs/pull/959
Client::send
method public by @tiagolobocastro in https://github.com/kube-rs/kube-rs/pull/972
types
on AdmissionRequest
and AdmissionResponse
public by @clux in https://github.com/kube-rs/kube-rs/pull/977
#[serde(default)]
to metadata field of DynamicObject
by @pbzweihander in https://github.com/kube-rs/kube-rs/pull/987
create_subresource
method to Api
and create_token_request
method to Api<ServiceAccount>
by @pbzweihander in https://github.com/kube-rs/kube-rs/pull/989
Action
by @Sherlock-Holo in https://github.com/kube-rs/kube-rs/pull/993
ConversionReview
types by @MikailBag in https://github.com/kube-rs/kube-rs/pull/999
Config
by @goenning in https://github.com/kube-rs/kube-rs/pull/971
error_policy
by @felipesere in https://github.com/kube-rs/kube-rs/pull/995
Config
: New incluster
and incluster_dns
constructors by @olix0r in https://github.com/kube-rs/kube-rs/pull/1001
k8s-openapi
to 0.16 by @clux in https://github.com/kube-rs/kube-rs/pull/1008
tracing::instrument
from apply_debug_overrides
by @kazk in https://github.com/kube-rs/kube-rs/pull/958
Full Changelog: https://github.com/kube-rs/kube-rs/compare/0.74.0...0.75.0