GO-2022-0617
and 18 other vulnerabilities
GO-2022-0617 : WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes
GO-2022-0782 : Symlink Attack in kubectl cp in k8s.io/kubernetes
GO-2022-0885 : Improper Authentication in Kubernetes in k8s.io/kubernetes
GO-2022-0890 : Server Side Request Forgery (SSRF) in Kubernetes in k8s.io/kubernetes
GO-2022-0907 : Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes
GO-2022-0910 : Files or Directories Accessible to External Parties in kubernetes in k8s.io/kubernetes
GO-2022-0983 : kubectl ANSI escape characters not filtered in k8s.io/kubernetes
GO-2023-1864 : Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes
GO-2023-1891 : kube-apiserver vulnerable to policy bypass in k8s.io/kubernetes
GO-2023-1892 : Kubernetes mountable secrets policy bypass in k8s.io/kubernetes
GO-2023-1985 : Kubernetes in OpenShift3 Access Control Misconfiguration in k8s.io/kubernetes
GO-2023-2159 : Kube-proxy may unintentionally forward traffic in k8s.io/kubernetes
GO-2023-2170 : Kubernetes privilege escalation vulnerability in k8s.io/kubernetes
GO-2023-2330 : Kubernetes privilege escalation vulnerability in k8s.io/kubernetes
GO-2023-2341 : Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes
GO-2024-2748 : Privilege Escalation in Kubernetes in k8s.io/apimachinery
GO-2024-2754 : Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes
GO-2024-2755 : Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes
GO-2024-2994 : Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes
Discover Packages
k8s.io/kubernetes
pkg
cloudprovider
nodecontroller
package
Version:
v0.17.0
Opens a new window with list of versions in this module.
Published: May 12, 2015
License: Apache-2.0
Opens a new window with license information.
Imports: 17
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
Package nodecontroller contains code for syncing cloud instances with
minion registry
View Source var (
ErrRegistration = errors .New ("unable to register all nodes.")
ErrQueryIPAddress = errors .New ("unable to query IP address.")
ErrCloudInstance = errors .New ("cloud provider doesn't support instances.")
)
type NodeController struct {
}
func NewNodeController(
cloud cloudprovider .Interface ,
matchRE string ,
nodes []string ,
staticResources *api .NodeResources ,
kubeClient client .Interface ,
registerRetryCount int ,
podEvictionTimeout time .Duration ,
deletingPodsRateLimiter util .RateLimiter ,
nodeMonitorGracePeriod time .Duration ,
nodeStartupGracePeriod time .Duration ,
nodeMonitorPeriod time .Duration ,
clusterName string ,
clusterCIDR *net .IPNet ,
allocateNodeCIDRs bool ) *NodeController
NewNodeController returns a new node controller to sync instances from cloudprovider.
Run creates initial node list and start syncing instances from cloudprovider, if any.
It also starts syncing or monitoring cluster node status.
registerNodes() is called only once to register all initial nodes (from cloudprovider
or from command line flag). To make cluster bootstrap faster, node controller populates
node addresses.
syncCloudNodes() is called periodically (if enabled) to sync instances from cloudprovider.
Node created here will only have specs.
monitorNodeStatus() is called periodically to incorporate the results of node status
pushed from kubelet to master.
¶
Click to show internal directories.
Click to hide internal directories.
Affected by 
Documentation
¶
Source Files