Tim Allclair
Tim Allclair
It's not always clear how CVSS maps to Kubernetes. To help ensure consistency and reduce decision fatigue, we should document how we interpret and use various adjustments to rate vulnerabilities.
SECURITY_CONTACTS files currently use github user names, but github doesn't have private messaging, and users don't always have public email addresses. We need a better solution, so that the PSC...
- decide what the PSC's role & involvement should be - write prescriptive checklist that can be followed by subproject owners without incident response experience - decide how vulnerabilities are...
# Enhancement Description - One-line enhancement description (can be used as a release note): Account resources consumed by the pod sandbox, both for scheduling and limiting runtime usage. - Primary...
The gRPC [server KeepAlive params](https://pkg.go.dev/google.golang.org/grpc/keepalive#ServerParameters) include ```go type ServerParameters struct { // MaxConnectionIdle is a duration for the amount of time after which an // idle connection would be closed...
Observed in https://prow.k8s.io/view/gs/kubernetes-jenkins/pr-logs/pull/kubernetes-sigs_apiserver-network-proxy/380/pull-apiserver-network-proxy-test/1557157130442641408 ``` I0810 00:10:08.174060 3793 client.go:134] "stream read failure" I0810 00:10:09.177060 3793 client.go:134] "stream read failure" I0810 00:10:09.180209 3793 client.go:134] "stream read failure" E0810 00:10:14.184675 3793 client.go:134] "stream...
completed 10000 runs in 1h23m51s with 36 failures (0.36%) Ran with `stress ./tests.test -test.cpu=4 -test.run=TestProxyHandle_SlowContext_GRPC` All failures look the same: ``` E0805 02:39:20.068886 3728293 server.go:391] "Stream read from frontend failure"...
completed 10000 runs in 22m52s with 123 failures (1.23%) Ran with `stress ./tests.test -test.cpu=4 -test.run=TestBasicProxy_GRPC` ``` --- FAIL: TestBasicProxy_GRPC (1.46s) leaks.go:78: found unexpected goroutines: [Goroutine 62 in state select, with...