Commit Graph

63629 Commits

Author SHA1 Message Date
Christoph Blecker
0828b19996
Update godep in vendor 2018-04-02 12:57:41 -07:00
Christoph Blecker
ba71e6307a
Bump godep version to v80 2018-03-30 15:54:52 -07:00
Kubernetes Submit Queue
3538676841
Merge pull request #61786 from grayluck/ensureelb-test
Automatic merge from submit-queue (batch tested with PRs 61871, 61890, 61786). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add unit testcases for ensureExternalLoadBalancer to make sure it doesn't panic when errors raised.

**What this PR does / why we need it**:
Add unit testcases for ensureExternalLoadBalancer to make sure it doesn't panic when errors raised. Increase code coverage from 76.5% to 81.5%.

<!--
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:
-->

**Release note**: 

```release-note
NONE
```

\assign @MrHohn
2018-03-30 14:32:02 -07:00
Kubernetes Submit Queue
7a1e44456f
Merge pull request #61890 from dims/better-specify-dhcp-domain-for-hostname
Automatic merge from submit-queue (batch tested with PRs 61871, 61890, 61786). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Specify DHCP domain for hostname

**What this PR does / why we need it**:

In 9a8c6db448, we looked at the hostname
in the metadata service and used '.' as the delimiter to chop off the
dhcp_domain (specified in nova.conf). However administrators need to
better control the dhcp domain better as there may be a '.' in the host
name itself. So let's introduce a config option that we can use and
default it to what nova uses when dhcp_domain is not specified which is
"novalocal"


**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
new dhcp-domain parameter to be used for figuring out the hostname of a node
```
2018-03-30 14:31:59 -07:00
Kubernetes Submit Queue
718568a94e
Merge pull request #61871 from MrHohn/e2e-ingress-gce-shared-test
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

[e2e ingress-gce] Run preshared-cert and backend HTTPS tests with kubemci

**What this PR does / why we need it**:

Make preshared-cert and backside-reencryption tests compatible with kubemci.

Test is currently failing with the symptom described on https://github.com/GoogleCloudPlatform/k8s-multicluster-ingress/issues/131#issuecomment-377098544.

@nikhiljindal @g-harmon 
/hold

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #NONE 

**Release note**:

```release-note
NONE
```
2018-03-30 14:21:51 -07:00
Kubernetes Submit Queue
8f7eb4e6ac
Merge pull request #61713 from mountkin/fix-cli-run-panic
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

kubectl: fix a panic when createGeneratedObject failed

**What this PR does / why we need it**:
This PR fixed two bugs in the `kubectl run` command.
The first commit fixed a panic that can be reproduced with the following two commands:
```bash
kubectl run --image=alpine hello -- sleep 1d
kubectl run --image=alpine --stdin --tty --attach hello -- /bin/sh
```
When the panic happens, the stack trace is as the following: 
```
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x8 pc=0x12f92e6]

goroutine 1 [running]:
k8s.io/kubernetes/pkg/kubectl/cmd.RunRun(0x1890d20, 0xc4207f6210, 0x184e700, 0xc42000c010, 0x184e720, 0xc42000c018, 0x184e720, 0xc42000c020, 0xc42052ef00, 0xc42054f980, ...)
	/home/star/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/pkg/kubectl/cmd/run.go:328 +0x10b6
k8s.io/kubernetes/pkg/kubectl/cmd.NewCmdRun.func1(0xc42052ef00, 0xc42054f980, 0x2, 0x8)
	/home/star/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/pkg/kubectl/cmd/run.go:105 +0x144
...
```
The reason for the panic is that the original code didn't handle the error returned by `createGeneratedObject` correctly. See https://github.com/kubernetes/kubernetes/blob/master/pkg/kubectl/cmd/run.go#L281
If the function `createGeneratedObject` fails, the returned `runObject` will be `nil`.  At https://github.com/kubernetes/kubernetes/blob/master/pkg/kubectl/cmd/run.go#L328 a nil pointer dereference will happen.

The second problem this PR fixed is a resource leak if both `--rm` and `--expose` flags are provided. The original code used a map (https://github.com/kubernetes/kubernetes/blob/master/pkg/kubectl/cmd/run.go#L280) to trace the created objects. But at https://github.com/kubernetes/kubernetes/blob/master/pkg/kubectl/cmd/run.go#L296 the code will overwrite the previously created object with the same key. So at https://github.com/kubernetes/kubernetes/blob/master/pkg/kubectl/cmd/run.go#L348 only the service will be deleted. The deployment will be left behind.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
/kind bug
/sig cli
2018-03-30 13:19:31 -07:00
Kubernetes Submit Queue
5658a327dd
Merge pull request #61091 from Lion-Wei/ipvs-lb
Automatic merge from submit-queue (batch tested with PRs 60990, 60947, 45275, 60565, 61091). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

fix service loadbalancer source range for ipvs proxy mode

**What this PR does / why we need it**:
fix service loadbalancer source range for ipvs proxy mode

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #61090

**Special notes for your reviewer**:

**Release note**:
```
NONE
```
2018-03-30 11:53:17 -07:00
Kubernetes Submit Queue
9ec2860124
Merge pull request #60565 from WanLinghao/kubectl_cp_slash
Automatic merge from submit-queue (batch tested with PRs 60990, 60947, 45275, 60565, 61091). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

kubectl cp command bug fix

**What this PR does / why we need it**:
	when copy file from host to pod like this:	
        1.kubectl copy /tmp/test-file test-pod:/
	2.kubectl copy /tmp/test-file test-pod:
	example 1 will fail, example 2 will cause a panic.
	This patch fix bugs above.


**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #60564

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-03-30 11:53:13 -07:00
Kubernetes Submit Queue
cea4284677
Merge pull request #45275 from CaoShuFeng/log-l
Automatic merge from submit-queue (batch tested with PRs 60990, 60947, 45275, 60565, 61091). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Support multi-container pod for "kubectl logs"

kubectl logs -l will print logs for pods with the same label, however it doesn't support pods with multi containers. This change adds support to it with --all-containers.

Ussage:
$ kubectl logs my-pod --all-containers
$ kubectl logs -laa=bb --all-containers
$ kubectl logs my-pod my-container --all-containers (err: container should not combined with --all-containers)

**Release note**:

```
add --all-containers option to "kubectl log"
```

Fixes:
https://github.com/kubernetes/kubectl/issues/371
2018-03-30 11:53:10 -07:00
Kubernetes Submit Queue
f165ad7cd2
Merge pull request #60947 from fanzhangio/replace
Automatic merge from submit-queue (batch tested with PRs 60990, 60947, 45275, 60565, 61091). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add conflict detection feature to apply strategy

- Add DetectConflictor interface on Element level. Implemented it for particular elements.
- If Options.FailOnConflict is enabled, Merge will detect conflict by invoking doConflictDecect for particular element,
  returning ConflictError with details.
- Add tests, including use case examples and illustration. For example: list, map, and complicated combination.

**What this PR does / why we need it**:
Apply is being rewritten under pkg/kubectl/apply/strategy based on visitor pattern. The new merge and replace code should check for conflicts between the recorded value and the remote value, and optionally return an error if they do not match with the field and details. A conflict is if the same field is specified in BOTH the recorded and the remote values of an object, but does not match.

**Which issue(s) this PR fixes**:
Fixes #60945 
https://github.com/kubernetes/kubectl/issues/97

**Release note**:

```release-note
NONE
```
2018-03-30 11:53:07 -07:00
yankaiz
6714d17b61 Add unit testcases for ensureExternalLoadBalancer to make sure it doesn't panic when errors raised. 2018-03-30 11:36:47 -07:00
Kubernetes Submit Queue
a13dee2337
Merge pull request #60990 from bmcstdio/bcustodio/kubectl-edit
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Ensure reasons end up as comments in kubectl edit.

**What this PR does / why we need it**:

This PR helps making sure that all text in the header of the file is prefixed with `#` when using `kubectl edit` to fix schema validation errors. The problem is best described with an example:

*Before:*

```yaml
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
# mycrd "example-cr" was not valid:
# * []: Invalid value: map[string]interface {}{"apiVersion":"example.com/v1alpha1", "kind":"MyCRD", "metadata":map[string]interface {}{"clusterName":"", "creationTimestamp":"2018-03-09T16:16:41Z", "name":"example-cr", "namespace":"default", "resourceVersion":"12399", "selfLink":"", "uid":"4089f5bd-23b5-11e8-a33f-42010aa40081", "generation":0}, "spec":map[string]interface {}{"size":-1}}: validation failure list:
spec.size in body should be greater than or equal to 1
#
apiVersion: example.com/v1alpha1
kind: MyCRD
```

This obviously won't be accepted as input, the user having to manually add a `#` to the line in the header.

*After:*

```yaml
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
# mycrd "example-cr" was not valid:
# * []: Invalid value: map[string]interface {}{"apiVersion":"example.com/v1alpha1", "kind":"MyCRD", "metadata":map[string]interface {}{"clusterName":"", "creationTimestamp":"2018-03-09T16:16:41Z", "name":"example-cr", "namespace":"default", "resourceVersion":"12399", "selfLink":"", "uid":"4089f5bd-23b5-11e8-a33f-42010aa40081", "generation":0}, "spec":map[string]interface {}{"size":-1}}: validation failure list:
# spec.size in body should be greater than or equal to 1
#
apiVersion: example.com/v1alpha1
kind: MyCRD
```

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
(None that I am aware of)

**Special notes for your reviewer**:
(None)

**Release note**:

```release-note
Ensure reasons end up as comments in `kubectl edit`.
```
2018-03-30 11:23:29 -07:00
Kubernetes Submit Queue
a44c6a8bc7
Merge pull request #59732 from dims/set-kube-scheduler-leader-elect-to-true
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Set leader-elect for kube-scheduler to true

**What this PR does / why we need it**:
Thanks to some great sleuthing by ikruglov!

kube-controller-manager defaults --leader-elect to true. We should
do the same for kube-scheduler. kube-scheduler used to have this
set to true, but it got lost during refactoring in:
efb2bb71cd

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #59729

**Special notes for your reviewer**:

**Release note**:

```release-note
kube-scheduler has been fixed to use `--leader-elect` option back to true (as it was in previous versions)
```
2018-03-30 10:28:40 -07:00
Kubernetes Submit Queue
8a783b0664
Merge pull request #59768 from barney-s/sts-integration
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Adding integration tests for statefulset

**What this PR does / why we need it**:
Creates a base statefulset integration test framework.
Basic tests added.


**Which issue(s) this PR fixes**:
None

**Special notes for your reviewer**:
Cloned pull/52583 and updated it to work with latest API changes.

**Release note**:
None.
2018-03-30 09:35:01 -07:00
Zihong Zheng
34acfcd027 [e2e ingress-gce] Run preshared-cert and backside-reencryption tests with kubemci 2018-03-30 08:52:28 -07:00
Kubernetes Submit Queue
6360192eab
Merge pull request #61847 from mengqiy/patch_conflict
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

fix patch conflict detection in apiserver

Patching conflict for merging list with mergeKey is not determined in the correct way. 

```release-note
None
```
2018-03-30 07:55:12 -07:00
Davanum Srinivas
ba2778b17a Set leader-elect for kube-scheduler to true
Thanks to some great sleuthing by ikruglov!

kube-controller-manager defaults --leader-elect to true. We should
do the same for kube-scheduler. kube-scheduler used to have this
set to true, but it got lost during refactoring in:
efb2bb71cd
2018-03-30 10:52:01 -04:00
Kubernetes Submit Queue
621610d079
Merge pull request #61935 from kawych/master
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Use old resource model in External Metrics API e2e tests

**What this PR does / why we need it**:
Currently e2e tests for External Metrics are failing, because the tests projects are not whitelisted to use new Stackdriver resource model. They will be in a week, but this particular test doesn't have to depend on it.

**Release note**:
```release-note
NONE
```
2018-03-30 06:49:25 -07:00
Karol Wychowaniec
ac7ae3be7c Use old resource model in External Metrics API e2e tests 2018-03-30 14:00:38 +02:00
Kubernetes Submit Queue
ca5f4b2a09
Merge pull request #61936 from kawych/owner
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add kawych to OWNERS of instrumentation e2e tests

**Release note**:
```release-note
NONE
```
2018-03-30 04:30:36 -07:00
Kubernetes Submit Queue
3cf80b1f93
Merge pull request #61884 from feiskyer/standard
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

 Add support of Azure standard load balancer and public IP

**What this PR does / why we need it**:

This PR adds a new configure `loadBalancerSku` and `excludeMasterFromStandardLB` to support Azure standard load balancer and public IP.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
First step of #60485

**Special notes for your reviewer**:

This is the first step of #60485, and only VMAS is supported yet. VMSS support will be added in a following PR.

**Release note**:

```release-note
Azure cloud provider now supports standard SKU load balancer and public IP. To use it, set cloud provider config with
{
  "loadBalancerSku": "standard",
  "excludeMasterFromStandardLB": true,
}

If excludeMasterFromStandardLB is not set, master nodes are also added to the backend of standard LB.
```
2018-03-30 04:05:24 -07:00
Kubernetes Submit Queue
4d7a20c6d1
Merge pull request #61885 from kubernetes/revert-61773-fluentd-partial-success
Automatic merge from submit-queue (batch tested with PRs 61930, 61885). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Revert "Enable partial success in fluentd-gcp"

Reverts kubernetes/kubernetes#61773

As @Random-Liu noticed in https://github.com/kubernetes/kubernetes/pull/61773#issuecomment-377140834, it broke tests, possibly because of higher memory utilization

/assign @x13n 

```release-note
NONE
```
2018-03-30 03:14:06 -07:00
Kubernetes Submit Queue
92c5fa36f9
Merge pull request #61930 from Random-Liu/fix-cri-run-as-group
Automatic merge from submit-queue (batch tested with PRs 61930, 61885). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix comment in CRI run_as_group.

This PR:
1) Clarify that runtime should return error if `run_as_group` is set when `run_as_user` is not. (Current behavior in dockershim, https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/dockershim/security_context.go#L93)
2) Remove `run_as_groupname` which is not supported now.

/cc @kubernetes/sig-node-api-reviews 
/cc @krmayankk 
**Release note**:

```release-note
none
```
2018-03-30 03:14:03 -07:00
Karol Wychowaniec
c562384ecf Add kawych to OWNERS of instrumentation e2e tests 2018-03-30 12:11:39 +02:00
Kubernetes Submit Queue
e57af2b354
Merge pull request #61760 from bskiba/test-em-sd-clean
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add e2e test for external metrics with Stackdriver

**What this PR does / why we need it**:
Adds e2e tests for external metrics using Stackdriver adapter.
Rename the file to note that these are Stackdriver tests in anticipation of tests running with fake custom metrics apiserver. Refactor the tests to be more structured.

**Release note**:
```
NONE
```
2018-03-30 02:11:20 -07:00
Pengfei Ni
7ec0315c39 some updates 2018-03-30 16:52:42 +08:00
Pengfei Ni
094dbded65 Add support of Azure standard load balancer and public IP 2018-03-30 16:52:36 +08:00
Kubernetes Submit Queue
acd435c578
Merge pull request #61925 from hanxiaoshuai/fixtodo03301
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

use handle DeletedFinalStateUnknown objects in function deleteNode

**What this PR does / why we need it**:
fixtodo:ensure len(nodeName) > 0 in function deleteNode
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-03-30 01:09:35 -07:00
Lantao Liu
5d6f356b91 Fix comment in CRI run_as_group.
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-03-30 07:38:19 +00:00
Kubernetes Submit Queue
f8d37cdaf1
Merge pull request #61920 from resouer/fix-61916
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add namespace name into e2e event verify function

**What this PR does / why we need it**:

Scheduler now events assigned msg with `ns/podname`, but the e2e is still expect `podname` only.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #61916

**Special notes for your reviewer**:

cc @Random-Liu @bsalamat 
@kubernetes/sig-scheduling-pr-reviews 

**Release note**:

```release-note
NONE
```
2018-03-30 00:15:37 -07:00
Kubernetes Submit Queue
99fd98a893
Merge pull request #61740 from filbranden/nodetest1
Automatic merge from submit-queue (batch tested with PRs 61482, 61740). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Make systemd service name for kubelet use a timestamp in e2e-node tests.

**What this PR does / why we need it**:

This makes it easier to figure out which execution was last when looking at the output of `systemd list-units kubelet-*.service`.

We try to find the name of the /tmp/node-e2e-* directory and use the same timestamp if we can. Otherwise, we just call Now() again, which isn't as nice (as the unit name and directory name will not match) but will still produce unit names that will be ordered when launching multiple subsequent executions on the same host.


**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
N/A

**Special notes for your reviewer**:

Tested using `make test-e2e-node REMOTE=true` and then checking `systemctl list-units kubelet-*.service` on the target host.

```
$ systemctl list-units kubelet-*.service
kubelet-20180326T142016.service loaded active exited /tmp/node-e2e-20180326T142016/kubelet --kubeconfig /tmp/node-e2e-20180326T142016/kubeconfig --root-dir /var/lib/kubelet ...
kubelet-20180326T143550.service loaded active exited /tmp/node-e2e-20180326T143550/kubelet --kubeconfig /tmp/node-e2e-20180326T143550/kubeconfig --root-dir /var/lib/kubelet ...
```

The units are sorted in the order they were launched.

**Release note**:

```release-note
NONE
```
2018-03-29 21:10:03 -07:00
hangaoshuai
33f389bc1e use handle DeletedFinalStateUnknown objects in function deleteNode 2018-03-30 11:51:39 +08:00
Kubernetes Submit Queue
189a166ace
Merge pull request #61482 from filbranden/summary3
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix summary_test to work when XFS is used under overlay2 and add a check for Delegate=yes missing from docker.service

**What this PR does / why we need it**:
This fixes the summary_test checks to work in cases where:
1. Docker is using overlay2 for its images with XFS as backing filesystem.
1. The systemd unit for Docker does not include Delegate=yes.

The former will break RootFs minimum usage check from summary_test, since it expects _some_ usage even though the upper layer only contains directories that are used as mount points. It turns out the XFS filesystem returns "0" blocks in the stat() result for a directory, so this breaks the test. Fix it by creating a file with some small contents in the test, so that `du` will actually return some usage.

**NOTE**: I introduced this step in the loop part of the function. It works, but maybe it's not the best... Let me know if you think we should do some small cleanup here too, I'd be happy to do that.

Regarding the latter, when `Delegate=yes` is not included in `docker.service`, then systemd might choose not to create Memory and CPU cgroups (actually, any of the resource cgroups) for the unit when it starts it. It's a bit more complicated than that, because it *does* create them if any sibling units need it, so the behavior is a bit hard to control... In any case, here we're checking on it and accepting that we might get a "nil" from cAdvisor in cases where `Delegate=yes` is missing.

Both of these issues can be found on CentOS/RHEL, that's the motivation for the fixes.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
N/A

**Special notes for your reviewer**:
/assign dashpole

**Release note**:

```release-note
NONE
```
2018-03-29 20:37:27 -07:00
Mengqi Yu
ff18af452d fix patch conflict detection in apiserver 2018-03-29 20:05:58 -07:00
Davanum Srinivas
da5ccf7fb7 Specify DHCP domain for hostname
In 9a8c6db448, we looked at the hostname
in the metadata service and used '.' as the delimiter to chop off the
dhcp_domain (specified in nova.conf). However administrators need to
better control the dhcp domain better as there may be a '.' in the host
name itself. So let's introduce a config option that we can use and
default it to what nova uses when dhcp_domain is not specified which is
"novalocal"
2018-03-29 21:31:02 -04:00
Filipe Brandenburger
b8c39b7055 In summary_test, make Docker cpu/memory checks optional if unavailable.
The numbers will only be available when docker.service has its own
memory and cpu cgroups, which doesn't necessarily happen unless the unit
has Delegate=yes configured.

Let's work around that by checking the status of Delegate, in the case
where we are:
* running Docker
* running Systemd
* able to check the status through systemctl
* the status is explicitly Delegate=no (the default)

If all of those are true, let's make CPU and Memory expectations
optional.

Tested: make test-e2e-node REMOTE=true HOSTS=centos-e2e-node FOCUS="Summary API"
2018-03-29 18:12:30 -07:00
Filipe Brandenburger
351a70b60e In summary_test, create a file outside the test volume too.
This is necessary to show any RootFs usage on systems where the backing
filesystem of overlay2 is xfs.

The current test only created directories (for mount points) in the
upper layer of the overlay. Outside of the mount namespace, only the
directories are visible. When running `du` on those, usually filesystems
will show some usage, but not xfs, which shows a disk usage of 0 for
directories.

Fix this by creating a file in the root directory, outside the volumes,
in order to trigger some disk usage that can be measured by `du`.

Tested: make test-e2e-node REMOTE=true HOSTS=centos-e2e-node FOCUS="Summary API"
2018-03-29 18:12:29 -07:00
Kubernetes Submit Queue
5ae7bba496
Merge pull request #60100 from mtaufen/node-authz-nodeconfigsource
Automatic merge from submit-queue (batch tested with PRs 61829, 61908, 61307, 61872, 60100). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

node authorizer sets up access rules for dynamic config

This PR makes the node authorizer automatically set up access rules for
dynamic Kubelet config.

I also added some validation to the node strategy, which I discovered we
were missing while writing this.

This PR is based on another WIP from @liggitt.

```release-note
The node authorizer now automatically sets up rules for Node.Spec.ConfigSource when the DynamicKubeletConfig feature gate is enabled.
```
2018-03-29 17:37:18 -07:00
Kubernetes Submit Queue
6c107fccfd
Merge pull request #61872 from rmmh/verify-coalesce
Automatic merge from submit-queue (batch tested with PRs 61829, 61908, 61307, 61872, 60100). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Deduplicate identical typecheck errors between platforms.

**What this PR does / why we need it**: Deduplicate identical typecheck errors between platforms.

This will make typecheck output shorter for code that fails compilation everywhere,
like [this](https://k8s-gubernator.appspot.com/build/kubernetes-jenkins/pr-logs/pull/61869/pull-kubernetes-typecheck/3274/).

**Release note**:
```release-note
NONE
```
2018-03-29 17:37:15 -07:00
Kubernetes Submit Queue
fe7514cfbc
Merge pull request #61307 from filbranden/curl1
Automatic merge from submit-queue (batch tested with PRs 61829, 61908, 61307, 61872, 60100). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Use curl instead of wget to fetch the CNI tarball in e2e-node test

**What this PR does / why we need it**:

Curl is more ubiquitous than wget. For instance, the GCE centos-7 and rhel-7 image families ship curl by default, but not wget.

Looking at the shell scripts under cluster/, they tend to use curl more than wget. (The ones that use wget, such as get-kube.sh, try curl first and only fallback to wget if it's not available.)

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:

Fixes running node e2e test on centos-7 or rhel-7 image families provided in GCE.

**Special notes for your reviewer**:

Tested by running node-e2e-test on Ubuntu, COS and CentOS.

**Release note**:

```release-note
NONE
```
2018-03-29 17:37:12 -07:00
Kubernetes Submit Queue
7cf5974c42
Merge pull request #61908 from MrHohn/kube-dns-1.14.9
Automatic merge from submit-queue (batch tested with PRs 61829, 61908, 61307, 61872, 60100). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Update kube-dns to Version 1.14.9

**What this PR does / why we need it**:

kube-dns version bump for kubeadm will be on a speparate PR.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #NONE 

**Special notes for your reviewer**:
/assign @rramkumar1 @bowei 

**Release note**:

```release-note
Update kube-dns to Version 1.14.9. Major changes:
- Fix for kube-dns returns NXDOMAIN when not yet synced with apiserver.
- Don't generate empty record for externalName service.
- Add validation for upstreamNameserver port.
- Update go version to 1.9.3.
```
2018-03-29 17:37:09 -07:00
Kubernetes Submit Queue
d23d523bcd
Merge pull request #61829 from jonyhy96/patch-4
Automatic merge from submit-queue (batch tested with PRs 61829, 61908, 61307, 61872, 60100). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

fix comment error

fix comment error
```release-note
None
```
2018-03-29 17:37:06 -07:00
Harry Zhang
b646467536 Add namespace name into e2e event verify 2018-03-29 17:37:03 -07:00
Kubernetes Submit Queue
675f270138
Merge pull request #61460 from feiskyer/host-path
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

CRI: define the mount behavior when host path does not exist

**What this PR does / why we need it**:

This PR defines the mounting behavior when host path does not exist in CRI. Specifically,

- If the hostPath doesn't exist (e.g. hostPath volume), runtimes should report errors
- If the specified hostPath is a symlink, runtimes should follow the symlink and mount the real destination to the container

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #52318

**Special notes for your reviewer**:

**Release note**:

```release-note
CRI: define the mount behavior when host path does not exist: runtime should report error if the host path doesn't exist
```
2018-03-29 16:05:11 -07:00
Kubernetes Submit Queue
7a946e6fb0
Merge pull request #61870 from mikedanese/serverauth2
Automatic merge from submit-queue (batch tested with PRs 57658, 61304, 61560, 61859, 61870). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

certs: exclude more nonsensical addresses from SANs

I noticed this when I saw 169.254.* SANs using server TLS bootstrap.
This change excludes more nonsensical addresses from being requested as
SANs in that flow.
2018-03-29 15:03:16 -07:00
Kubernetes Submit Queue
086f72a771
Merge pull request #61859 from hyperbolic2346/mwilson/nginx-daemonset-pre-1.9
Automatic merge from submit-queue (batch tested with PRs 57658, 61304, 61560, 61859, 61870). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fixing ingress controller daemonset on k8s < 1.9

**What this PR does / why we need it**:
When we switched to an ingress daemonset, we didn't account for older installs. The api version changed on version 1.9, so anything pre-1.9 needs a different version. This PR makes the api version a template so we can change it depending on the version of k8s installed.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
https://github.com/juju-solutions/bundle-canonical-kubernetes/issues/526
**Special notes for your reviewer**:

**Release note**:

```release-note
Fixed ingress issue with CDK and pre-1.9 versions of kubernetes.
```
2018-03-29 15:03:12 -07:00
Kubernetes Submit Queue
bc2cc5a75d
Merge pull request #61560 from apelisse/fix-failing-ui-dashboard-1.10
Automatic merge from submit-queue (batch tested with PRs 57658, 61304, 61560, 61859, 61870). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

test: Disable ui dashboard test for gke

The dashboard is disabled on GKE 1.10, the test is failing because it's
not alive. Let's just skip this use-case, and keep a todo that it'd be
nice to enable the dashboard to test it.

**What this PR does / why we need it**:
Disable dashboard test for GKE.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #61559

**Special notes for your reviewer**:

**Release note**:
```release-note
NONE
```

cc @mml @konryd
2018-03-29 15:03:08 -07:00
Kubernetes Submit Queue
ea2bd22367
Merge pull request #61304 from juanvallejo/add-template-printer-flags
Automatic merge from submit-queue (batch tested with PRs 57658, 61304, 61560, 61859, 61870). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

wire through template PrintFlags

**Release note**:
```release-note
NONE
```

Begin implementing pieces needed to retrieve `go-template`, `jsonpath` printers from a set of flags.
Proposal: https://docs.google.com/document/d/19ZZFVe9oD1KQmk5uExggRWtRl_hKGfYnBXvHZJlgEro/edit#heading=h.pnvbfi14v4zz

cc @soltysh @deads2k @pwittrock
2018-03-29 15:03:06 -07:00
Kubernetes Submit Queue
d7f6154136
Merge pull request #57658 from andyxning/code_refactor
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Remove CgroupParent from RunContainerOptions

**What this PR does / why we need it**:
`CgroupParent` argument for a container is derived from sandbox config instead of container config in [dockershim](https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/dockershim/helpers_linux.go#L125-L132). The logic to get `cgroupParent` for container is useless.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:
I may be wrong for only considering docker runtime. But according to cri runtime api, only [`LinuxPodSandboxConfig` has a field `CgroupParent`](https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/apis/cri/v1alpha1/runtime/api.pb.go#L590). So i think it is only valid in sandbox config.

BTW, maybe we also need to delete [`CgroupParent` field in `RunContainerOptions` struct](https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/container/runtime.go#L432).
**Release note**:

```release-note
None
```
2018-03-29 14:51:04 -07:00
Kubernetes Submit Queue
cad4385cb0
Merge pull request #61772 from php-coder/improve_kube_api_versions_error_message
Automatic merge from submit-queue (batch tested with PRs 61904, 61565, 61401, 61432, 61772). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Include original error in the error message

**What this PR does / why we need it**:
This PR improves error message by including an initial error into it.

Before this change `hack/test-update-storage-objects.sh` was failing with the following error:
>E0326 19:32:28.511136   31378 server.go:456] Failed to create clientset with KUBE_API_VERSIONS="v1,networking.k8s.io/v1,storage.k8s.io/v1beta1,extensions/v1beta1,networking.k8s.io/v1,storage.k8s.io/v1,extensions/v1beta1". KUBE_API_VERSIONS is only for testing. Things will break.

Now it shows also error cause:
> E0326 19:45:57.186959   18448 server.go:456] Failed to create clientset with KUBE_API_VERSIONS="v1,networking.k8s.io/v1,storage.k8s.io/v1beta1,extensions/v1beta1,networking.k8s.io/v1,storage.k8s.io/v1,extensions/v1beta1,policy/v1beta1": **group admissionregistration.k8s.io has not been registered**. KUBE_API_VERSIONS is only for testing. Things will break.
2018-03-29 11:46:22 -07:00