Commit Graph

30688 Commits

Author SHA1 Message Date
k8s-merge-robot
2274359ec1 Merge pull request #27518 from justinsb/kubedown_warn_if_no_vpc
Automatic merge from submit-queue

AWS kube-down: Issue warning if VPC not found

To address issue #17219
2016-06-19 19:53:20 -07:00
k8s-merge-robot
6fbf99b11a Merge pull request #26753 from ericchiang/rbac-authorizer-tests
Automatic merge from submit-queue

add unit and integration tests for rbac authorizer

This PR adds lots of tests for the RBAC authorizer. 

The plan over the next couple days is to add a lot more test cases.

Updates #23396

cc @erictune
2016-06-19 19:19:08 -07:00
k8s-merge-robot
51dd3d562d Merge pull request #27380 from rootfs/fix-nsenter-list
Automatic merge from submit-queue

in nsenter mounter, read  hosts PID 1 /proc/mounts to list the mounts

fix #27378
2016-06-19 18:38:54 -07:00
k8s-merge-robot
a025e20f93 Merge pull request #27302 from zmerlynn/faster-large-down
Automatic merge from submit-queue

gce/kube-down: Parallelize IGM deletion, batch more

Batch up to 200 instance / route deletions, handle IGM deletion in parallel.

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-19 18:04:13 -07:00
k8s-merge-robot
58eae670b9 Merge pull request #27231 from brendandburns/test-cmd.sh
Automatic merge from submit-queue

Add test-cmd.sh tests for 3rd party resources.

Adding more test coverage, this time of the client side behavior.

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-19 17:28:31 -07:00
k8s-merge-robot
368704dc71 Merge pull request #27185 from gmarek/heapster-cpu
Automatic merge from submit-queue

Enable dynamic allocation of heapster/eventer cpu request/limit

cc @mwielgus @piosz @zmerlynn
2016-06-19 16:48:49 -07:00
k8s-merge-robot
ba771e7135 Merge pull request #27192 from smarterclayton/signature_change
Automatic merge from submit-queue

Remove EncodeToStream(..., []unversioned.GroupVersion)

Was not being used. Is a signature change and is necessary for post 1.3 work on Templates and other objects that nest objects.

Extracted from #26044
2016-06-19 16:13:07 -07:00
k8s-merge-robot
3df228fd76 Merge pull request #27431 from jsafrane/pv-events-print
Automatic merge from submit-queue

'kubectl describe pv' now shows events
2016-06-19 15:31:55 -07:00
k8s-merge-robot
4630a3c665 Merge pull request #27428 from gmarek/staticPods
Automatic merge from submit-queue

WaitForRunningReady also waits for PodsSuccess

Ref. #27095 - fixes the test, doesn't fix the problem.

cc @yujuhong @fejta
2016-06-19 14:55:11 -07:00
k8s-merge-robot
a911948c20 Merge pull request #27682 from justinsb/fix_23395
Automatic merge from submit-queue

AWS kube-up: set net.ipv4.neigh.default.gc_thresh1=0 to avoid ARP over-caching

This works around a linux kernel bug with overly aggressive caching of
ARP entries, which was causing problems when we reused IP addresses in
VPCs, for example with an ASG in a relatively small subnet.

See #23395 for more explanation.

Fixes #23395
2016-06-19 14:11:57 -07:00
k8s-merge-robot
536ed2843e Merge pull request #27628 from justinsb/fix_27534
Automatic merge from submit-queue

AWS volumes: Use /dev/xvdXX names with EC2

We are using HVM style names, which cannot be paravirtual style names.

See
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html

This also fixes problems introduced when moving volume mounting to KCM.

Fix #27534
2016-06-19 13:17:09 -07:00
k8s-merge-robot
8f5d081194 Merge pull request #27209 from ronnielai/disk-check
Automatic merge from submit-queue

Logging for OutOfDisk when file system info is not available

#26566
1. Adding logs for file system info being not available.
2. Reporting outOfDisk when file system info is not available.
2016-06-19 00:02:59 -07:00
k8s-merge-robot
090e6ff660 Merge pull request #27625 from goltermann/spell2
Automatic merge from submit-queue

Fix several spelling errors in comments

What the title says
2016-06-18 23:08:28 -07:00
Daniel Smith
90f46c2c09 Merge pull request #27686 from lavalamp/fixv
disable broken verifier
2016-06-18 23:07:07 -07:00
Daniel Smith
5b13a29e2a disable broken verifier 2016-06-18 23:04:32 -07:00
Justin Santa Barbara
d62fe2a315 AWS kube-up: set net.ipv4.neigh.default.gc_thresh1=0
This works around a linux kernel bug with overly aggressive caching of
ARP entries, which was causing problems when we reused IP addresses in
VPCs, for example with an ASG in a relatively small subnet.

See #23395 for more explanation.

Fixes #23395
2016-06-19 00:20:16 -04:00
k8s-merge-robot
9d8e79be09 Merge pull request #27168 from smarterclayton/flatten_types
Automatic merge from submit-queue

ObjectMeta, ListMeta, and TypeMeta should implement their interfaces

Make unversioned.ListMeta implement List. Update all the *List types so they implement GetListMeta.
This helps avoid using reflection to get list information.

Remove all unnecessary boilerplate, move the interfaces to the right
places, and add a test that verifies that objects implement one, the
other, but never both.

@ncdc @lavalamp this supercedes #26964 with the boilerplate removed.  Added tests
2016-06-18 20:23:50 -07:00
k8s-merge-robot
5c2594233e Merge pull request #27162 from goltermann/example
Automatic merge from submit-queue

Fixing timing issues with examples

Partial fixes for examples tests.
2016-06-18 19:43:36 -07:00
k8s-merge-robot
253e664344 Merge pull request #27133 from copejon/pv_e2e_testing_modifications
Automatic merge from submit-queue

Overhauled pv e2e test to reflect common lifecycle

cc @jeffvance
2016-06-18 19:10:25 -07:00
k8s-merge-robot
185ca0035c Merge pull request #27119 from jsafrane/integration-provisioning
Automatic merge from submit-queue

Add integration test for provisioning/deleting many PVs.

The test is configurable by KUBE_INTEGRATION_PV_OBJECTS for load tests, 100 objects are created by default.

@kubernetes/sig-storage
2016-06-18 18:34:10 -07:00
k8s-merge-robot
6bdb9b0b8d Merge pull request #27070 from girishkalele/exechealthz-quiet
Automatic merge from submit-queue

DNS healthz container - add quiet option to stop flooding logs
2016-06-18 17:54:57 -07:00
k8s-merge-robot
d526f82f2f Merge pull request #27672 from quinton-hoole/2016-06-18-return-error-on-dnsprovider-error
Automatic merge from submit-queue

Return error not empty list when dnsprovider returns an error.

Without this change, we return an empty list, instead of the error from the underlying dns provider, which makes debugging hard.
2016-06-18 17:08:06 -07:00
k8s-merge-robot
6b14e0f226 Merge pull request #27054 from jingxu97/bug-volume
Automatic merge from submit-queue

Fix bug in isLikelyNotMountPoint function

In nsenter_mount.go/isLikelyNotMountPoint function, the returned output
from findmnt command misses the last letter. Modify the code to use
String.contains instead of string matching. fixes #26421 fixes #25056 fixes #22911
2016-06-18 17:08:02 -07:00
k8s-merge-robot
637734f003 Merge pull request #27047 from luxas/enable-ppc64le
Automatic merge from submit-queue

Enable all ppc64le builds, except for hyperkube

Partially fixes: #25886 
Talked to @Pensu, and all other binaries seem to work fine

@david-mcmahon @ixdy @Pensu @smarterclayton
2016-06-18 16:32:19 -07:00
Quinton Hoole
30afb6b072 Return error not empty list when dnsprovider returns an error. 2016-06-18 16:15:55 -07:00
k8s-merge-robot
7ee4189cf6 Merge pull request #27036 from sttts/sttts-secure-seccomp-path
Automatic merge from submit-queue

Filter seccomp profile path from malicious .. and /

Without this patch with `localhost/<some-releative-path>` as seccomp profile one can load any file on the host, e.g. `localhost/../../../../dev/mem` which is not healthy for the kubelet.

/cc @jfrazelle 

Unit tests depend on https://github.com/kubernetes/kubernetes/pull/26710.
2016-06-18 15:58:07 -07:00
k8s-merge-robot
d80b60ef7c Merge pull request #26934 from dcbw/split-hostport
Automatic merge from submit-queue

kubelet/kubenet: split hostport handling into separate module

This pulls the hostport functionality of kubenet out into a separate module so that it can be more easily tested and potentially used from other code (maybe CNI, maybe downstream consumers like OpenShift, etc).  Couldn't find a mock iptables so I wrote one, but I didn't look very hard.

@freehan @thockin @bprashanth
2016-06-18 15:24:57 -07:00
k8s-merge-robot
7ea1a25490 Merge pull request #26862 from fabioy/node_pool_test
Automatic merge from submit-queue

Add GKE node pool e2e test. Fix GKE local SSD test to only run under GKE.

Just adding a node pool e2e test for GKE runs. And minor fix to local SSD test to only run under GKE.

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-18 14:50:45 -07:00
k8s-merge-robot
b9dbe98a74 Merge pull request #26924 from olegshaldybin/pluralize-subject
Automatic merge from submit-queue

Rename RBAC 'subject' to 'subjects'.

Rename RBAC subject field

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-18 14:18:04 -07:00
k8s-merge-robot
77cf11f4d7 Merge pull request #27441 from derekwaynecarr/downward_api_node_defaults
Automatic merge from submit-queue

Revert revert of downward api node defaults

Reverts the revert of https://github.com/kubernetes/kubernetes/pull/27439

Fixes #27062

@dchen1107 - who at Google can help debug why this caused issues with GKE infrastructure but not GCE merge queue?

/cc @wojtek-t @piosz @fgrzadkowski @eparis @pmorie
2016-06-18 12:12:24 -07:00
k8s-merge-robot
ddd7b5a43c Merge pull request #27494 from david-mcmahon/versionizedocsfix
Automatic merge from submit-queue

Run update-munge-docs.sh directly.
2016-06-18 11:36:12 -07:00
k8s-merge-robot
13cd6475c9 Merge pull request #26917 from fabioy/fix_multi_migs
Automatic merge from submit-queue

Handle multiple MIGs (single-zone) properly in GKE scripts.

Change the scripts for GKE to handle multiple node pools (MIGs) in the same zone. 

Fixes https://github.com/kubernetes/test-infra/issues/100.

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-18 11:36:08 -07:00
k8s-merge-robot
48b255d424 Merge pull request #26813 from wonderfly/choose_docker_version
Automatic merge from submit-queue

Prep for continuous Docker validation test

```release-note
Add a test config variable to specify desired Docker version to run on GCI.
```
We want to continuously validate Docker releases (#25215), on GCI. This change
adds a new test config variable, `KUBE_GCI_DOCKER_VERSION`, through which we can
specify which version of Docker we want to run on the master and nodes. This
change also patches the Jenkins e2e-runner with the ability to fetch the latest
Docker (pre)release, and sets the aforementioned variable accordingly.

Tested on my local Jenkins instance that was able to start a cluster with the latest Docker version (different from installed version) running on both master and nodes.

@dchen1107 Can you review?

cc/ @andyzheng0831 for changes in `cluster/gce/gci/helper.sh`, and @ixdy @spxtr for changes to the Jenkins e2e-runner

cc/ @kubernetes/goog-image
2016-06-18 11:00:55 -07:00
k8s-merge-robot
14e05064c8 Merge pull request #26886 from kevin-wangzefeng/fix_scheduling_e2e_test_leak
Automatic merge from submit-queue

fix node.labels leak in scheduler predicates e2e

closes #26698 

cc @davidopp @wojtek-t @fejta @gmarek
2016-06-18 10:26:13 -07:00
k8s-merge-robot
7e88b0ef0e Merge pull request #26781 from aveshagarwal/master-dapi-volume-annotations-labels-issue
Automatic merge from submit-queue

Remove an empty line being output when exposing annotations and labels via downward api volume

The issue is that formatMap function (for annotations and labels) in pkg/fieldpath/fieldpath.go appends a "\n" after each key value pair which is correct for all pairs except the last pair because then a complete string is returned with a "\n" in the end. It is inconsistent with other strings (metadata.name, namespace and resources) being returned as they dont have "\n" in the end. These returned strings are processed by sortLines function in pkg/volume/downwardapi/downwardapi.go and the function finally appends "\n" to each  string, but incorrectly outputs an empty line if there is an already "\n" in the end with the  input string. To illustrate:

The sortLines works as follows: lets say the input string is : "a\nb\nc\n". 

1. It splits them as "a", "b", "c", ""  (note empty string in the end). 
2. it sort them:  "", "a", b", "c"  
3. And then it appends "\n" again to each string:  "\n",  "a\n" ,"b\n", "c\n"

So we can see that it is erroneously creating an empty string in the beginning when the input string to sortLines has "\n" in the end.  As I said above, it is not an issue with metadata.name, namespace and resources as their input strings are without \n" in the end.

So now, the output in the downward api volume, (using the example in http://kubernetes.io/docs/user-guide/downward-api/):

```
# cat /etc/annotations

 zone="us-est-coast"
 cluster="test-cluster1"
 rack="rack-22"
```

After this patch, the output will be correct and without the erroneous empty line in the beginning.
I could think other ways to solve this but I found the way in this patch with minimal code changes.

@kubernetes/rh-cluster-infra
2016-06-18 09:19:21 -07:00
k8s-merge-robot
6b9400d789 Merge pull request #26388 from caseydavenport/cd-networkpolicy-uts
Automatic merge from submit-queue

NetworkPolicy unit tests

- [x] Validation tests
- [x] storage tests
- [x] strategy tests
- [ ] test-cmd.sh

CC @thockin
2016-06-18 00:30:00 -07:00
k8s-merge-robot
7ea6705519 Merge pull request #25929 from jingxu97/bug-notag
Automatic merge from submit-queue

refuse to create a firewall rule with no target tag

fixes #25145

This modification in gce.firewallObject() will return error when trying
to create or update firewall rule if no node tag can be found. Also add
unit test for this modification.
2016-06-17 23:56:17 -07:00
k8s-merge-robot
076bf81b8b Merge pull request #23473 from AdoHe/kubelet_tls_overwrite
Automatic merge from submit-queue

fix kubelet tls overwrite issue

@lavalamp apply the same thing to kubelet. @dchen1107 ptal.

<!-- Reviewable:start -->
---
This change is [<img src="http://reviewable.k8s.io/review_button.svg" height="35" align="absmiddle" alt="Reviewable"/>](http://reviewable.k8s.io/reviews/kubernetes/kubernetes/23473)
<!-- Reviewable:end -->
2016-06-17 23:20:03 -07:00
k8s-merge-robot
ec86c428c1 Merge pull request #27596 from saad-ali/removetestfromflaky
Automatic merge from submit-queue

Remove PD tests out of flaky

Closes https://github.com/kubernetes/kubernetes/issues/26127
2016-06-17 22:46:52 -07:00
k8s-merge-robot
d1115dc184 Merge pull request #27636 from mml/fed-dns-followup
Automatic merge from submit-queue

Cleanups following #27587

- Add back the negative assertions, but mark them [Slow].
- Use the current DNS TTL of 180 sec as our timeout for all DNS tests.
- Assorted cleanups and refactoring.
2016-06-17 22:05:39 -07:00
k8s-merge-robot
42a88fc304 Merge pull request #27647 from quinton-hoole/2016-06-17-excise-example.com
Automatic merge from submit-queue

Change default Federation DNS zone to be RFC 2606 compliant.

example.com is reserved, so don't use it.
Use federation.example instead.
2016-06-17 21:10:51 -07:00
k8s-merge-robot
db904257f9 Merge pull request #27599 from dchen1107/gci
Automatic merge from submit-queue

Fix docker log level on GCI node.

Fix #27584

cc/ @a-robinson
2016-06-17 20:21:05 -07:00
k8s-merge-robot
808f3ecbe6 Merge pull request #27220 from yifan-gu/kube-up-master
Automatic merge from submit-queue

cluster/gce/coreos: Make kube-up works for both rkt and docker on coreos on gce

With this PR, kube-up will be able to spin up a pure rkt cluster given the choice `KUBE_CONTAINER_RUNTIME=rkt`

e.g. 
```
export KUBE_GCE_ZONE=us-east1-b
export KUBE_OS_DISTRIBUTION=coreos

export KUBE_GCE_MASTER_PROJECT=coreos-cloud
export KUBE_GCE_MASTER_IMAGE=coreos-alpha-1032-0-0-v20160428

export KUBE_GCE_NODE_PROJECT=coreos-cloud
export KUBE_GCE_NODE_IMAGE=coreos-alpha-1032-0-0-v20160428


export KUBE_ENABLE_NODE_LOGGING=false
export KUBE_ENABLE_CLUSTER_MONITORING=none

export KUBE_CONTAINER_RUNTIME=rkt
export KUBE_RKT_VERSION=v1.8.0
```

```
$ cluster/kube-up.sh
...
$ kubectl cluster-info
Kubernetes master is running at https://104.196.41.124
GLBCDefaultBackend is running at https://104.196.41.124/api/v1/proxy/namespaces/kube-system/services/default-http-backend
Elasticsearch is running at https://104.196.41.124/api/v1/proxy/namespaces/kube-system/services/elasticsearch-logging
Kibana is running at https://104.196.41.124/api/v1/proxy/namespaces/kube-system/services/kibana-logging
KubeDNS is running at https://104.196.41.124/api/v1/proxy/namespaces/kube-system/services/kube-dns
kubernetes-dashboard is running at https://104.196.41.124/api/v1/proxy/namespaces/kube-system/services/kubernetes-dashboard
```

```
$ kubectl get pods --all-namespaces
NAMESPACE     NAME                                            READY     STATUS    RESTARTS   AGE
kube-system   elasticsearch-logging-v1-5zfrd                  1/1       Running   0          2m
kube-system   elasticsearch-logging-v1-83u6w                  1/1       Running   0          2m
kube-system   etcd-server-events-yifan-test-rkt-master        1/1       Running   0          2m
kube-system   etcd-server-yifan-test-rkt-master               1/1       Running   0          2m
kube-system   kibana-logging-v1-0g7yu                         1/1       Running   2          2m
kube-system   kube-addon-manager-yifan-test-rkt-master        1/1       Running   0          3m
kube-system   kube-apiserver-yifan-test-rkt-master            1/1       Running   0          2m
kube-system   kube-controller-manager-yifan-test-rkt-master   1/1       Running   0          3m
kube-system   kube-dns-v14-1mqco                              3/3       Running   0          2m
kube-system   kube-scheduler-yifan-test-rkt-master            1/1       Running   0          2m
kube-system   kubernetes-dashboard-v1.1.0-beta2-uwutn         1/1       Running   0          2m
kube-system   l7-lb-controller-v0.6.0-8pgbo                   2/2       Running   0          2m
kube-system   node-problem-detector-v0.1-7iwb2                1/1       Running   0          2m
kube-system   node-problem-detector-v0.1-k4m8o                1/1       Running   0          2m
kube-system   node-problem-detector-v0.1-rxtp8                1/1       Running   0          2m
kube-system   node-problem-detector-v0.1-wsoqd                1/1       Running   0          2m

```


Fix #24103 

cc @kubernetes/sig-node @kubernetes/rktnetes-maintainers
2016-06-17 19:39:22 -07:00
k8s-merge-robot
64f79df54e Merge pull request #27650 from nikhiljindal/fixFedTest
Automatic merge from submit-queue

federation-apiserver test: Fixing the AfterEach order in e2e test

Moving "It" and "AfterEach" into a "Describe" fixes the order of AfterEach.
Verified that now, test.AfterEach is run before running framework.AfterEach.

Removing the temporary disabling of framework.SkipUnlessFederated(f.Client) in AfterEach.

cc @kubernetes/sig-cluster-federation @mml
2016-06-17 18:48:36 -07:00
k8s-merge-robot
a521a16d0d Merge pull request #27591 from dchen1107/cadvisor2
Automatic merge from submit-queue

Bump cAdvisor to v0.23.4

```release-note
*  Check for thin_is binary in path for devicemapper when using ThinPoolWatcher
*  Fix uint64 overflow issue for CPU stats
```

Fix #27194 #27573
2016-06-17 18:48:33 -07:00
k8s-merge-robot
04fd079d09 Merge pull request #27597 from dchen1107/kubectl
Automatic merge from submit-queue

No timeout for kubectl logs

Fix #27588

cc/ @smarterclayton
2016-06-17 17:48:15 -07:00
nikhiljindal
60f0dce033 Fixing the AfterEach order 2016-06-17 17:14:17 -07:00
k8s-merge-robot
d03a5fab29 Merge pull request #23666 from smarterclayton/initctrproposal
Automatic merge from submit-queue

Proposal for implementing init containers

Addresses #1589. Implemented in #23567. Docs in https://github.com/kubernetes/kubernetes.github.io/pull/679

```release-note
Init containers enable pod authors to perform tasks before their normal containers start. Each init container is started in order, and failing containers will prevent the application from starting.
```
2016-06-17 17:02:17 -07:00
k8s-merge-robot
7ab303efbe Merge pull request #27466 from madhusudancs/fed-dns-scope
Automatic merge from submit-queue

Move GCE NODE_SCOPES to config-common.sh and enable DNS scope in GKE.

Follow up to #27357

cc @colhom @kubernetes/sig-cluster-federation 

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-17 17:02:11 -07:00
Dawn Chen
1ea5c460bc Bump cAdvisor to v0.23.4 2016-06-17 16:26:39 -07:00