Automatic merge from submit-queue (batch tested with PRs 45852, 45965, 45941)
Update k8s.io/gengo dependency
**What this PR does / why we need it**:
Brings in changes to improve type checker and deep copy
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 45852, 45965, 45941)
Examples: fixed cassandra mirror detection that assumes an FTP site will always be presented
**What this PR does / why we need it**:
This fixes regressions in the cassandra example docker image creation scripts
**Which issue this PR fixes** : #45882
**Special notes for your reviewer**:
Pound that accept button, it will be fine.
**Release note**:
```
Fixed the cassandra docker image cassandra mirror detection logic
bumped cassandra to v3.10, as v3.9 is no longer on the mirrors
bumped ubuntu-slim to v0.9
```
Automatic merge from submit-queue
Remove the deprecated --babysit-daemons kubelet flag
```release-note
Removes the deprecated kubelet flag --babysit-daemons
```
This flag has been deprecated for over a year (git blame says marked deprecated on March 1, 2016).
Relatively easy removal - nothing in the Kubelet relies on it anymore.
There was still some stuff in the provisioning scripts. It was easy to rip out, but in general we probably need to be more disciplined about updating the provisioning scripts at the same time that we initially mark things deprecated.
Automatic merge from submit-queue
Move all API related annotations into annotation_key_constants.go
Separate from #45869. See https://github.com/kubernetes/kubernetes/pull/45869#discussion_r116839411 for details.
This PR does nothing but move constants around :)
/assign @caesarxuchao
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
stop secretly setting defaults under the pretense of negotiation
Turns out that the negotiate code in kubectl doesn't negotiate and that the clients to respect it anyway. The `--api-version` flag has been deprecated since 1.2 and the comment says to remove it in 1.3, so I finally did.
After chasing the repercussions backwards, I agree with @soltysh that the negotiate was just giving back an effectively random groupversion when the argument wasn't being set.
I tried leaving it as nil: panic. I tried setting it to empty: can't encode parameters. This isn't pretty, but it at least makes the fact that we're setting `""/v1` explicit and I think it resolves the describer problem. It also simplifies the client-cache code, which is a thing we needed.
Automatic merge from submit-queue
Disabling service-dns controller for federation kubectl tests
**What this PR does / why we need it**:
DNS was unnecessary to do kubectl tests against federation, but it was required earlier as service-controller would not start without initializing dns-provider. Now since we have the capability to disable service-dns controller, we no longer need to initialize federation-controller-manger with DNS specific stuff. So removing it.
Ref: https://github.com/kubernetes/kubernetes/pull/43136#issuecomment-287242198
**Release note**:
```
NONE
```
/cc @nikhiljindal @marun
@kubernetes/sig-federation-pr-reviews
Automatic merge from submit-queue (batch tested with PRs 42895, 45940)
apiserver: no Status in body for http 204
Fixes http writer errors as with 204 we must not send any body.
Needed downstream for https://github.com/openshift/origin/issues/14213.
Automatic merge from submit-queue (batch tested with PRs 42895, 45940)
[Federation] Automate configuring nameserver in cluster-dns for CoreDNS provider
Addresses issue #42894#42822
**Release note**:
```
[Federation] CoreDNS server will be automatically added to nameserver resolv.conf chain When using CoreDNS as dns provider for federation during federation join.
```
cc @madhusudancs @kubernetes/sig-federation-bugs
Automatic merge from submit-queue (batch tested with PRs 45771, 45721)
Add integration tests for kube-apiextensions-server
**What this PR does / why we need it**: Add the following integration tests for `kube-apiextensions-server`:
- [x] test namespace scoped resources
- [x] test cluster scoped resources
- [x] test discovery
- [x] test no namespace rejects
- [x] test same name, different namespace
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: for #45511
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
@sttts @deads2k
Automatic merge from submit-queue
fix: required openstack heat version for conditions is 2016-10-14 / newton
This fix sets the required heat version to 2016-10-14.
In OpenStack heat the conditions statement was introduced in version 2016-10-14 | newton, accourding to:
https://docs.openstack.org/releasenotes/heat/newton.html
and more specific:
https://docs.openstack.org/developer/heat/template_guide/hot_spec.html
The conditions are used to make the assignment of public ips / floating ips optional (added in commit 4eef540876). However this template is not compatible with OpenStack heat releases prior newton and produces the following error:
```
ERROR: Failed to validate: : resources.kube_minions: : "condition" is not a valid keyword inside a output definition
```
PR without a release note:
```release-note
NONE
```
Automatic merge from submit-queue
Update go version in Godeps.json
**What this PR does / why we need it**:
Update go version in Godeps.json to go1.8. Looks like the staging ones were already done, but not the top level one.
```
godeps update -goversion
```
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 45709, 41939)
Add an AEAD encrypting transformer for storing secrets encrypted at rest
Tweak the ValueTransformer interface slightly to support additional
context information (to allow authenticated data to be generated by the
store and passed to the transformer). Add a prefix transformer that
looks for known matching prefixes and uses them. Add an AES GCM
transformer that performs AEAD on the values coming in and out of the
store.
Implementation of https://docs.google.com/document/d/1lFhPLlvkCo3XFC2xFDPSn0jAGpqKcCCZaNsBAv8zFdE/edit# and https://github.com/kubernetes/kubernetes/issues/12742
Automatic merge from submit-queue (batch tested with PRs 45709, 41939)
delete err when return _
Signed-off-by: yupengzte <yu.peng36@zte.com.cn>
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 45884, 45879, 45912, 45444, 45874)
fix: typo in redis example
**What this PR does / why we need it**: The `bind 0.0.0.0` rule should end up in the sentinel config, not the script output.
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 45884, 45879, 45912, 45444, 45874)
Update Minio example
**What this PR does / why we need it**:
Added examples for Minio standalone and distributed modes
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
- Add latest image tag in Minio image.
- Remove command and use args instead, inline with latest change in Minio.
**Release note**:
```
Updates Minio server deployment example.
```
Automatic merge from submit-queue (batch tested with PRs 45884, 45879, 45912, 45444, 45874)
Use patched version of Go 1.8.1 to eliminate performance regression
Ref https://github.com/kubernetes/kubernetes/issues/45216
Until this is solved in Go (it's still unclear whether there will be patch release with the fix or not), this is solving the problem on our side.
Automatic merge from submit-queue (batch tested with PRs 44520, 45253, 45838, 44685, 45901)
API for server side tabular output
These are the APIs necessary to implement propsoal kubernetes/community#363
They consist of a new meta group (v1alpha1) that indicates these are alpha apis for the server as a whole, a new kind `TableList` which is a simple row + header arranged table capable of returning both object and columnar data, a `TableListOptions` for altering the behavior of the return, and `PartialObjectMetadata` which is an "interface" style API object which allows a client to ask any object for their metadata (without having to know how to parse the object or perform gymnastics).
Extracted from #40848
A few minor tweaks still required.
Automatic merge from submit-queue (batch tested with PRs 44520, 45253, 45838, 44685, 45901)
start serving customresourcedefinition based on status
This exposes the `customresourcedefinition/status` endpoint, wires a controller to drive `NameConflict` conditions, and serves discovery from status, not spec.
Next steps after this include wiring the conditions into handling and reswizzling the handling chain to be cleaner now that we have a custom mux.
Automatic merge from submit-queue (batch tested with PRs 44520, 45253, 45838, 44685, 45901)
Ensure ordering of using dynamic kubelet config and setting up tests.
This PR simply places the body of the eviction test within its own context. This ensures that the kubelet config is set before the pods are created, and that the kubelet config is reverted only after the pods are deleted.
Tweak the ValueTransformer interface slightly to support additional
context information (to allow authenticated data to be generated by the
store and passed to the transformer). Add a prefix transformer that
looks for known matching prefixes and uses them. Add an AES GCM
transformer that performs AEAD on the values coming in and out of the
store.
Automatic merge from submit-queue (batch tested with PRs 45247, 45810, 45034, 45898, 45899)
[Federation] Segregate DNS related code to separate controller
**What this PR does / why we need it**:
This is the continuation of service controller re-factor work as outlined in #41253
This PR segregates DNS related code from service controller to another controller `service-dns controller` which manages the DNS records on the configured DNS provider.
`service-dns controller` monitors the federated services for the ingress annotations and create/update/delete DNS records accordingly.
`service-dns controller` can be optionally disabled and DNS record management could be done by third party components by monitoring the ingress annotations on federated services. (This would enable something like federation middleware for CoreDNS where federation api server could be used as a backend to CoreDNS eliminating the need for etcd storage.)
**Special notes for your reviewer**:
**Release note**:
```
Federation: A new controller for managing DNS records is introduced which can be optionally disabled to enable third party components to manage DNS records for federated services.
```
cc @kubernetes/sig-federation-pr-reviews
Automatic merge from submit-queue (batch tested with PRs 45247, 45810, 45034, 45898, 45899)
kubectl plugin: Expand environment variables in the command of plugin.yaml
**What this PR does / why we need it**:
This commit improves kubectl plugins to expand environment variables in the command of plugin.yaml.
I'd like to use environment variables in the command of plugin.yaml as follows:
```yaml
name: hello
shortDesc: "The hello plugin"
longDesc: >
The hello plugin is a new
plugin used by test-cmd
to test multiple plugin locations.
command: $HOME/path/to/plugins/hello.sh
```
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 45247, 45810, 45034, 45898, 45899)
Apiregistration v1alpha1→v1beta1
Promoting apiregistration api from v1alpha1 to v1beta1.
API Registration is responsible for registering an API `Group`/`Version` with
another kubernetes like API server. The `APIService` holds information
about the other API server in `APIServiceSpec` type as well as general
`TypeMeta` and `ObjectMeta`. The `APIServiceSpec` type have the main
configuration needed to do the aggregation. Any request coming for
specified `Group`/`Version` will be directed to the service defined by
`ServiceReference` (on port 443) after validating the target using provided
`CABundle` or skipping validation if development flag `InsecureSkipTLSVerify`
is set. `Priority` is controlling the order of this API group in the overall
discovery document.
The return status is a set of conditions for this aggregation. Currently
there is only one condition named "Available", if true, it means the
api/server requests will be redirected to specified API server.
```release-note
API Registration is now in beta.
```
