Automatic merge from submit-queue (batch tested with PRs 38525, 38977)
Prevent json decoder panic on invalid input
Related downstream issue: https://github.com/openshift/origin/issues/12132
```
# Can be replicated on kubectl with:
$ cat panic.json
{
"kind": "Pod",
"apiVersion": "v1",
"metadata": {
"name": "",
"labels": {
"name": ""
},
"generateName": "",
"namespace": "",
"annotations": []
},
"spec": {}
},
$ kubectl create -f panic.json --validate=false
```
**Release note**:
```release-note
release-note-none
```
This patch handles cases where `ioutil.ReadAll` will return a single
character output on an invalid json input, causing the `Decode` method
to panic when it tries to calculate the line number for the syntax
error. The example below would cause a panic due to the trailing comma
at the end:
```
{
"kind": "Pod",
"apiVersion": "v1",
"metadata": {
"name": "",
"labels": {
"name": ""
},
"generateName": "",
"namespace": "",
"annotations": []
},
"spec": {}
},
```
@kubernetes/cli-review @fabianofranz
Automatic merge from submit-queue (batch tested with PRs 38942, 38958)
Refactor port allocation logic a little, deflake tests.
This should fix#38323 for real.
@xiangpengzhao @rmmh @justinsb
Switch to manually cranking over the port filling logic, since there was a race between the allocate logic and the check to see if the port was freed up.
Automatic merge from submit-queue (batch tested with PRs 38080, 38903)
prevent negotation on connections that dont' require it
Not all clientconfigs require negotiation. Before there was a patch (hardcoded to an instance variable) that allowed this. This updates the code to allow the same as before.
@kubernetes/sig-cli @fabianofranz
@ncdc you'll want to pick
Automatic merge from submit-queue (batch tested with PRs 34353, 33837, 38878, 38961)
Reduce amount of allocations in cacher
Currently we are unnecessary copying stuff around in cacher.
This results in __tens of megabytes__ of allocations per __second__ in large clusters. This in turn results in expensive GC. Should help with metrics.
@gmarek
Automatic merge from submit-queue (batch tested with PRs 34353, 33837, 38878)
Revert "daemonset: bail out after we enqueue once"
I get overzealous sometimes.
Reverts kubernetes/kubernetes#38780
Automatic merge from submit-queue
Remove two zany unit tests.
These two tests aren't unit tests in the usual sense. We can consider switching them to run as verify checks, but I'm not convinced that they're even necessary.
They essentially work by searching their code for public functions with signatures that look like `FitPredicate`, then they shell out to grep to see that they're used somewhere in the source tree. This will never work in bazel.
Automatic merge from submit-queue (batch tested with PRs 37468, 36546, 38713, 38902, 38614)
Remove extensions/v1beta1 Job
Fixes https://github.com/kubernetes/kubernetes/issues/32763. This endpoint was deprecated in 1.5 and was planned to be removed in 1.6.
**Release note**:
```release-note
Remove extensions/v1beta1 Jobs resource, and job/v1beta1 generator.
```
Automatic merge from submit-queue (batch tested with PRs 37468, 36546, 38713, 38902, 38614)
rename constant MaxPatchConflicts to maxRetryWhenPatchConflicts
**What this PR does / why we need it**:
1. literally `MaxPatchConflicts` means max number of patch conflicts allowed during a patch operation. but actually in codes it is used to indicate max number of patch retry when patch conflicts happened.
2. there is no need to export this constant because it is only used in `resthandler.go` and shouldn't be used in other packages.
Signed-off-by: bruceauyeung <ouyang.qinhua@zte.com.cn>
Automatic merge from submit-queue
Admit critical pods in the kubelet
Haven't verified in a live cluster yet, just unittested, so applying do-not-merge label.
Automatic merge from submit-queue
use in-cluster kubeconfig for genericapiserver
Allow the use of the in-cluster config to communicate with the core API server for delegated authn/authz for an addon API server.
@kubernetes/sig-api-machinery @sttts
Automatic merge from submit-queue
Remove dead code in `pkg/registry/generic/registry/store.go`
Fixes#38822
Depending on the intent of the original code, the correct fix may instead be:
```go
if name, ok := p.MatchesSingle(); ok {
key, err := e.KeyFunc(ctx, name)
if err != nil {
return nil, err
}
w, err := e.Storage.Watch(ctx, key, resourceVersion, p)
if err != nil {
return nil, err
}
if e.Decorator != nil {
return newDecoratedWatcher(w, e.Decorator), nil
}
return w, nil
// if we cannot extract a key based on the current context, the optimization is skipped
}
```
Signed-off-by: Monis Khan <mkhan@redhat.com>
cc @deads2k
Automatic merge from submit-queue
genericapiserver: turn APIContainer.SecretRoutes into a real ServeMux
The secret routes `Mux` is actually a `http.ServeMux` and we are type-casting to it. For downstream we want to wrap it into a restful container which also needs a real `http.ServeMux`.
Automatic merge from submit-queue
Fix Recreate for Deployments and stop using events in e2e tests
Fixes https://github.com/kubernetes/kubernetes/issues/36453 by removing events from the deployment tests. The test about events during a Rolling deployment is redundant so I just removed it (we already have another test specifically for Rolling deployments).
Closes https://github.com/kubernetes/kubernetes/issues/32567 (preferred to use pod LISTs instead of a new status API field for replica sets that would add many more writes to replica sets).
@kubernetes/deployment
Automatic merge from submit-queue
Migrated fluentd addon to daemon set
fix#23224
supersedes #23306
``` release-note
Migrated fluentd addon to daemon set
```
Automatic merge from submit-queue
daemonset: bail out after we enqueue once
This isn't terrible because we dedup in the queue but it's a waste of
cycles.
Automatic merge from submit-queue
kubeadm: refactor discovery behind an interface
This adds support for alternative discovery methods using discovery urls. It is a breaking change. This is a WIP.
Example usage:
```
$ kubeadm init --discovery token://
$ kubeadm join --discovery token://c05de9:ab224260fb3cd718@192.168.0.1:6555,191.168.0.2:6443
$ kubeadm join --discovery file:///etc/kubernetes/cluster.json
$ kubeadm join --discovery https://storage.google.apis.com/kube-discovery/98ea6e4/kubeconfig.json
```
@kubernetes/sig-cluster-lifecycle
Automatic merge from submit-queue
make kubectl factory composeable
Alternate resolution of https://github.com/kubernetes/kubernetes/pull/38524.
Currently, the kubectl factory cannot be cleanly composed because without polymorphism, any calls which delegate to other factory methods cannot injected. We cannot reasonably predict everything a composer would want to override, so enumeration of individual "we think this field is important" function is untenable. On the other hand, having a method registry func and attaching methods to it resulted in chaos before 1.5 and the cleaner interface.
This pull takes the approach of building the factory in "rings" of subfactories. RingN relies on RingN-1 and the overall factory is a set of nested factories. No function in a "ring" is allowed to reference a peer function, but it may reference a parent ring's function. This allows us to easily compose one chain for raw kube, but an extender can simply wrap a particular ring with his custom handling of particular functions and then continue the chain as normal. This allows customization of each individual function.
It turns out that we have three rings.
1. discovery, negotiation, and no-dep functions
1. object typing and type mapping
1. stuff that relies on type mapping (builder)
This pull does nothing split apart the dependencies. No behavior changes. There's more cleanup that could be done (particularly in naming), but I'd like to defer that to a later step.
@kubernetes/sig-cli @fabianofranz @AdoHe this is going to be a pain to rebase, so quick reviews are appreciated.
@ncdc @smarterclayton
Automatic merge from submit-queue
Don't eat 403 in service controller
I haven't done a stress run of Services e2es locally yet, but I did verify that this fixes the specific "stuck in pending bug"
