Automatic merge from submit-queue
SchedulerPredicates e2e test: be more verbose about requested resource
When ``validates resource limits of pods that are allowed to run [Conformance]`` test is run, logs could give more information about requested resource and say it is for cpu and in mili units.
cpu is stored in m units here:
```
nodeToCapacityMap[node.Name] = capacity.MilliValue()
```
Automatic merge from submit-queue
Add a timeout to the node e2e Ginkgo test runner
Also add a few debugging statements to indicate progress.
Should help prevent #25639, since we'll timeout tests before Jenkins times out the build.
Automatic merge from submit-queue
gcr.io/google_containers/mounttest: use Stat instead of Lstat
The current ``mt.go`` implementation use ``os.Lstat`` instead of ``os.Stat`` which does not read symlinks. Since implementation of ``AtomicWriter`` (which relies on existence of symlinks), the updated implementation of secret volume using the ``AtomicWriter`` can not be tested for secret file permission. Replacing ``Lstat`` with ``Stat`` allows to read symlinks and return permissions of target file. The change affects ``--file_perm`` and ``--file_mode`` options only.
``mounttest`` image is currently used by:
##### downwardapi_volume.go
- e2e: Downward API volume
- version: 0.6
- args: --file_content, --break_on_expected_content, --retry_time, --file_content_in_loop
##### empty_dir.go
- e2e: EmptyDir volumes
- version: 0.5
- args: --file_perm, --file_perm, ...
##### host_path.go
- e2e: hostPath
- version: 0.6
- args: --file_mode, ...
##### configmap.go
- e2e: ConfigMap
- version: 0.6
- args: --file_content, --break_on_expected_content, --retry_time, --file_content_in_loop
##### service_accounts.go
- e2e: ServiceAccounts
- version: 0.2
- args: --file_content
Some of the e2e tests use at least one of the affected options. Locally, I have updated all version of mounttest images to 0.7. All e2e tests pass with the new image.
- create 100 PV, ranging from 0 to 99GB; create 1 PVC to claim 50GB. Verify only one PV is bound and rest are pending
- create 2 PVs with different access modes (RWM, RWO), 1 PVC to claim RWM PV. Verify RWM is bound and RWO is not bound.
Signed-off-by: Huamin Chen <hchen@redhat.com>
Automatic merge from submit-queue
Refactor persistent volume controller
Here is complete persistent controller as designed in https://github.com/pmorie/pv-haxxz/blob/master/controller.go
It's feature complete and compatible with current binder/recycler/provisioner. No new features, it *should* be much more stable and predictable.
Testing
--
The unit test framework is quite complicated, still it was necessary to reach reasonable coverage (78% in `persistentvolume_controller.go`). The untested part are error cases, which are quite hard to test in reasonable way - sure, I can inject a VersionConflictError on any object update and check the error bubbles up to appropriate places, but the real test would be to run `syncClaim`/`syncVolume` again and check it recovers appropriately from the error in the next periodic sync. That's the hard part.
Organization
---
The PR starts with `rm -rf kubernetes/pkg/controller/persistentvolume`. I find it easier to read when I see only the new controller without old pieces scattered around.
[`types.go` from the old controller is reused to speed up matching a bit, the code looks solid and has 95% unit test coverage].
I tried to split the PR into smaller patches, let me know what you think.
~~TODO~~
--
* ~~Missing: provisioning, recycling~~.
* ~~Fix integration tests~~
* ~~Fix e2e tests~~
@kubernetes/sig-storage
<!-- Reviewable:start -->
---
This change is [<img src="http://reviewable.k8s.io/review_button.svg" height="35" align="absmiddle" alt="Reviewable"/>](http://reviewable.k8s.io/reviews/kubernetes/kubernetes/24331)
<!-- Reviewable:end -->
Fixes#15632
The key to path mapping allows pod to specify different name (thus location) of each secret.
At the same time refactor the volume plugin to use AtomicWritter to project secrets to files in a volume.
Update e2e Secrets test, the secret file permission has changed from 0444 to 0644
Remove TestPluginIdempotent as the AtomicWritter is responsible for secret creation
Automatic merge from submit-queue
Add init containers to pods
This implements #1589 as per proposal #23666
Incorporates feedback on #1589, creates parallel structure for InitContainers and Containers, adds validation for InitContainers that requires name uniqueness, and comments on a number of implications of init containers.
This is a complete alpha implementation.
<!-- Reviewable:start -->
---
This change is [<img src="http://reviewable.k8s.io/review_button.svg" height="35" align="absmiddle" alt="Reviewable"/>](http://reviewable.k8s.io/reviews/kubernetes/kubernetes/23567)
<!-- Reviewable:end -->
