Commit Graph

60776 Commits

Author SHA1 Message Date
Mike Wilson
b04a88cc9e Adding support for changing default backend and nginx container images 2018-01-19 16:40:57 -05:00
Kubernetes Submit Queue
6ec4cb107e
Merge pull request #57642 from lichuqiang/serviceEvent
Automatic merge from submit-queue (batch tested with PRs 58517, 57642). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix event message when processing loadbalancer update

**What this PR does / why we need it**:
When a service get updated, in func [processServiceUpdate](https://github.com/kubernetes/kubernetes/blob/master/pkg/controller/service/service_controller.go#L249), we process its LB accordingly, that is, create one if the service requests and no corresponding loadbalancer exists; and delete potential  orphaned load balancer if the service does not need it any more.
But if a service does not `wantsLoadBalancer` but get error when trying to `GetLoadBalancer`, user could find an event in format of "CreatingLoadBalancerFailed..."[here](https://github.com/kubernetes/kubernetes/blob/master/pkg/controller/service/service_controller.go#L261), which would confusing users. So we should generate event info according to service type.

**Special notes for your reviewer**:
/sig network

**Release note**:

```release-note
NONE
```
2018-01-19 13:05:34 -08:00
Kubernetes Submit Queue
71d93ab689
Merge pull request #58517 from deads2k/admission-20-flags
Automatic merge from submit-queue (batch tested with PRs 58517, 57642). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

 make kube-apiserver admission flag disable other plugins 98eb592

The old kube-apiserver flag for enabling admission plugins implicitly disabled ones that were unmentioned.  This restores that behavior.

followup to https://github.com/kubernetes/kubernetes/pull/58123

@hzxuzhonghu You're pretty deep into this now.  ptal

/assign hzxuzhonghu
/assign sttts
2018-01-19 13:05:31 -08:00
Marcin Owsiany
313128d760 Make IsConnectionReset work with more error implementations. 2018-01-19 21:49:04 +01:00
Bowei Du
aaa3dfd695 GCE: Check that the key is valid for each call 2018-01-19 12:03:43 -08:00
Bowei Du
a2b222c94e GCE: Fix Valid() to check for proper region/zone names 2018-01-19 12:03:39 -08:00
Jordan Liggitt
b4fb25261e
return reason for allowed rbac authorizations
includes the binding, role, and subject that allowed a request so audit can make use of it
2018-01-19 14:32:39 -05:00
juanvallejo
13add66f1e
tolerate more than one gvklist item
Some third-party resources could be part of more than one api group.
Allow this to be the case when adding openapi models to openapi data.
2018-01-19 14:24:03 -05:00
David Eads
4ce7bcced4 generated 2018-01-19 14:08:28 -05:00
David Eads
ad16803470 add options for min tls levels 2018-01-19 14:08:27 -05:00
Filipe Brandenburger
e98ba5021e Skip log path tests when they are expected to fail.
The log path test is not expected to pass unless the Docker is using the
JSON logging driver, since that's what the log path is trying to find.
When Docker is using the journald logging driver, there will be no JSON
files in the logging directories for it to find.

Furthermore, when SELinux support is enabled in the Docker daemon,
SELinux will prevent processes running inside Docker containers from
accessing the log files owned by Docker (which is what this test is
trying to accomplish), so let's also skip this test in case SELinux
support is enabled.

Tested:

- With Docker daemon started using --log-driver=journald:

    S [SKIPPING] in Spec Setup (BeforeEach) [8.193 seconds]
    [k8s.io] ContainerLogPath
      Pod with a container
        printed log to stdout
          should print log to correct log path [BeforeEach]
          Jan  3 18:33:44.869: Skipping because Docker daemon is using a logging driver other than "json-file": journald

- With Docker daemon started using --selinux-enabled:

    S [SKIPPING] in Spec Setup (BeforeEach) [8.488 seconds]
    [k8s.io] ContainerLogPath
      Pod with a container
        printed log to stdout
          should print log to correct log path [BeforeEach]
          Jan  3 18:35:58.909: Skipping because Docker daemon is running with SELinux support enabled

- With Docker started using JSON logging driver and with SELinux disabled:

    • [SLOW TEST:16.352 seconds]  (passed)
    [k8s.io] ContainerLogPath
      Pod with a container
        printed log to stdout
          should print log to correct log path
    Ran 1 of 256 Specs in 36.428 seconds
    SUCCESS! -- 1 Passed | 0 Failed | 0 Pending | 255 Skipped
2018-01-19 10:51:13 -08:00
Kubernetes Submit Queue
47b89aaf8f
Merge pull request #58493 from bowei/cp-firewall
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

GCE: firewall

GCE: firewalls to use generated code

```release-note
NONE
```
2018-01-19 10:35:20 -08:00
Kubernetes Submit Queue
07ad1f7176
Merge pull request #58340 from gmarek/dropped
Automatic merge from submit-queue (batch tested with PRs 58446, 58459, 58340). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add apiserver metric for number of requests dropped by 'max-inflight-requests' filters.

Useful for figuring out on which dimension master is overloaded.

cc @sttts @lavalamp @deads2k @timothysc @hulkholden
2018-01-19 09:49:32 -08:00
Kubernetes Submit Queue
73f95837f8
Merge pull request #58459 from deads2k/scheduler-04-handle-empty
Automatic merge from submit-queue (batch tested with PRs 58446, 58459, 58340). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

handle scheduler without exposed ports

Plumbs the scheduler port opt out more completely.  When the metrics server was added, the deprecated paths forgot about it.
2018-01-19 09:49:29 -08:00
Kubernetes Submit Queue
0dd88a1fb8
Merge pull request #58446 from hzxuzhonghu/sample-controleer
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

upgrade sample-controller deployment to apps/v1

**What this PR does / why we need it**:

apps/v1 is GA


**Release note**:

```release-note
NONE
```
/assign @sttts @nikhita
2018-01-19 09:42:03 -08:00
Shyam Jeedigunta
60bd9ab906 Benchmarking script pretty-prints results into a separate file 2018-01-19 18:33:30 +01:00
Manuel de Brito Fontes
a39ae8ee08 Show all the annotations in ingress rules 2018-01-19 14:13:17 -03:00
André Bauer
cbfcc3f0fb updated iamge & configmap versions 2018-01-19 18:08:33 +01:00
André Bauer
9ab59becbf updated fluentd configmap with 1.1.0 compatible version 2018-01-19 18:06:03 +01:00
André Bauer
ec187f729c
Merge branch 'master' into fluentd-1.1.0 2018-01-19 17:29:49 +01:00
André Bauer
e457d6c14b updated fluentd-es-image to use fluentd 1.1.0 2018-01-19 17:20:30 +01:00
Kubernetes Submit Queue
f9bb978ad6
Merge pull request #58123 from hzxuzhonghu/refactor-admission-flag
Automatic merge from submit-queue (batch tested with PRs 58496, 58078, 58123). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

refactor admission flag

**What this PR does / why we need it**:

Refactor admission control flag, finally make cluster admins not care about orders in this flag.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
Add `--enable-admission-plugin` `--disable-admission-plugin` flags and deprecate `--admission-control`.
Afterwards, don't care about the orders specified in the flags.
```
2018-01-19 07:22:29 -08:00
Kubernetes Submit Queue
fdfa5e47f4
Merge pull request #58078 from dims/better-check-for-gce-vm
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Better check for GCE VM

**What this PR does / why we need it**:
we should do what is being done in GoogleCloudPlatform/google-cloud-go:
https://github.com/GoogleCloudPlatform/google-cloud-go/blob/master/compute/metadata/metadata.go#L259-L267

Looks like folks are reusing appliances which end up with
```
$ cat /sys/class/dmi/id/product_name
Google Search Appliance
```
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #57760

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-01-19 07:07:30 -08:00
Mike Wilson
531c9a81c1 Changing where the charm gets network addresses in order to support network spaces. 2018-01-19 10:00:46 -05:00
Jan Safranek
24400c24ae Clean up error messages for pre-bound PVCs.
When a PVC explicitly requests specific PV and the PV does not match,
we should tell the user what exactly does not match.

From:
Volume's size is smaller than requested or volume's class does not match with claim

To:
Cannot bind to requested volume "<volume name>": %s
where %s is one of:
- requested PV is too small
- storageClasseNames do not match
- incompatible volumeMode
- error checking volumeMode: api defaulting for volumeMode failed (this should not ever happen)
2018-01-19 15:43:45 +01:00
Kubernetes Submit Queue
630b943e00
Merge pull request #58496 from liggitt/hack-owner
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add liggitt to hack approvers

* Authored ~60 commits involving this folder
* Already an approver on things with components in hack (CLI tests, apiserver changes requiring local-up-cluster changes, fixtures and testdata, etc)

```release-note
NONE
```
2018-01-19 06:21:56 -08:00
Kubernetes Submit Queue
a0a81086cd
Merge pull request #58515 from databus23/patch-2
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix UpdatePodWithRetries godoc documentation

```release-note
NONE
```
2018-01-19 05:19:06 -08:00
Zero King
4842c6af4f Fix typo 2018-01-19 13:17:28 +00:00
David Eads
98eb592291 make kube-apiserver admission flag disable other plugins 2018-01-19 08:14:04 -05:00
Kubernetes Submit Queue
a8a418b0ae
Merge pull request #58504 from bowei/cp-targetpool
Automatic merge from submit-queue (batch tested with PRs 58053, 58504). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Update TargetPool to use generated code

```release-note
NONE
```
2018-01-19 05:11:27 -08:00
Simon Ferquel
72376f26ef kubeadm: Allows to specify custom flag values for control plane components
This makes it possible to override / add flag values to the k8s api server, controller manager and scheduler components on `kubeadm init` and `kubeadm alpha controlplane <component>`

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2018-01-19 13:39:56 +01:00
Fabian Ruff
c0ced154eb
Fix UpdatePodWithRetries inline documentation 2018-01-19 12:57:24 +01:00
Humble Chirammal
2c34b9cf77 Add Namespace to glusterfs custom volume names.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2018-01-19 17:07:08 +05:30
Kubernetes Submit Queue
62616d79ad
Merge pull request #58053 from tianshapjq/nit-errUnsupportedVersion
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

typo of errUnsuportedVersion

**What this PR does / why we need it**:
typo of errUnsuportedVersion in pkg/kubelet/cm/deviceplugin/types.go

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note

```NONE
2018-01-19 03:26:34 -08:00
Kubernetes Submit Queue
49c729eef4
Merge pull request #58501 from bowei/cp-zones
Automatic merge from submit-queue (batch tested with PRs 56948, 58365, 58501). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Update Zones to use generated code

Update Zones to use generated code
```release-note
NONE
```
2018-01-19 01:12:33 -08:00
Kubernetes Submit Queue
5a572d3e27
Merge pull request #58365 from ashleyschuett/fix/spelling
Automatic merge from submit-queue (batch tested with PRs 56948, 58365, 58501). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fixed spelling of Promethus to Prometheus

Release note:
```release-note
NONE
```
2018-01-19 01:12:30 -08:00
Kubernetes Submit Queue
3256546a79
Merge pull request #56948 from MrHohn/esipp-remove-feature-gate
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Remove ExternalTrafficLocalOnly from kube_feature gate

*What this PR does / why we need it**:
This PR is for v1.10.

External Source IP Preservation (ESIPP) had been promoted to GA since 1.7. Following the proposal on https://github.com/kubernetes/kubernetes/issues/46404#issuecomment-303939180, we should be able to remove it from feature gate now.

Added release note to announce this.

Also ref the previous attempt: https://github.com/kubernetes/kubernetes/pull/45857.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #56645

**Special notes for your reviewer**:

**Release note**:

```release-note
"ExternalTrafficLocalOnly" has been removed from feature gate. It has been a GA feature since v1.7.
```
2018-01-19 00:35:01 -08:00
Kubernetes Submit Queue
6b57037432
Merge pull request #58489 from bowei/cp-routes
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

GCE: Change routes to use the generated code

GCE: Change routes to use the generated code

```release-note
NONE
```
2018-01-18 23:49:37 -08:00
Bowei Du
87355e4aed Update TargetPool to use generated code 2018-01-18 23:10:39 -08:00
Kubernetes Submit Queue
e5216fe1ed
Merge pull request #58436 from bowei/cp-ingress
Automatic merge from submit-queue (batch tested with PRs 57908, 58436). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Updates UrlMap, BackendService, Healthcheck, Certs, InstanceGroup to use the generated code

Updates UrlMap, BackendService, Healthcheck, Certs, InstanceGroup to use the generated code

```release-note
NONE
```
2018-01-18 23:03:30 -08:00
Di Xu
eaac0f5489 Openstack: register metadata.hostname as node name 2018-01-19 15:01:45 +08:00
Kubernetes Submit Queue
a7e398819c
Merge pull request #57908 from rpothier/proxy-prefix
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Kubeadm: clean up MarshalToYamlForCodecs

Proxy will use PrintBytesWithLinePrefix to indent.


**What this PR does / why we need it**:
This removed the function MarshalToYamlForCodecsWithShift() and the proxy
code will use PrintBytesWithLinePrefix() to shift over the yaml lines.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #57907

**Special notes for your reviewer**:

**Release note**:

```release-note-none
```
2018-01-18 22:47:37 -08:00
tianshapjq
fdf4a00a63 testcase to pkg/kubelet/cadvisor/util.go 2018-01-19 14:30:45 +08:00
Bowei Du
20bace876b Update Zones to use generated code 2018-01-18 22:15:58 -08:00
Bowei Du
b239257a83 Update bazel 2018-01-18 22:06:34 -08:00
Kubernetes Submit Queue
fcff8bcc40
Merge pull request #58479 from ericchiang/fix-advanced-auditing-release-note
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

CHANGELOG: feature flag is "AdvancedAuditing" not "AdvancedAudit"

https://github.com/kubernetes/kubernetes/blob/v1.9.2/staging/src/k8s.io/apiserver/pkg/features/kube_features.go#L44

cc @liggitt @sttts 

```release-note
NONE
```
2018-01-18 21:57:41 -08:00
Kubernetes Submit Queue
e056dde7ea
Merge pull request #58491 from bowei/cp-forwarding
Automatic merge from submit-queue (batch tested with PRs 58104, 58492, 58491). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

GCE: forwarding rules to use generated code

GCE: forwarding rules to use generated code

```release-note
NONE
```
2018-01-18 21:57:34 -08:00
Kubernetes Submit Queue
165d1f6e6f
Merge pull request #58492 from bowei/cp-address
Automatic merge from submit-queue (batch tested with PRs 58104, 58492, 58491). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

GCE: addresses to use generated code

GCE: addresses to use generated code

```release-note
NONE
```
2018-01-18 21:57:32 -08:00
Kubernetes Submit Queue
7ad797e1cc
Merge pull request #58104 from ihmccreery/no-firewall
Automatic merge from submit-queue (batch tested with PRs 58104, 58492, 58491). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Optionally prevent metadata concealment firewall from being set

**What this PR does / why we need it**: GCP: allow a master to not include a metadata concealment firewall rule (if it's not running the metadata proxy).

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
GCP: allow a master to not include a metadata concealment firewall rule (if it's not running the metadata proxy).
```
2018-01-18 21:57:29 -08:00
Bowei Du
f249968df6 Update Routes to use generated code 2018-01-18 21:39:33 -08:00