Automatic merge from submit-queue
Fix so setup-files don't recreate/invalidate certificates that already exist
Fixes: #23197 and a lot of other DNS and dashboard issues
This is quite critical for `docker`-based users and should be considered as a **cherrypick-candidate** as it makes a lot of people wonder why Dashboard and/or DNS doesn't work. Example: https://github.com/kubernetes/dashboard/issues/374
Earlier when you shut your `docker.md` cluster down and started it again, all ServiceAccounts became invalidated by `setup-files` that happily ran once again and replaced all files. That made `apiserver` and `controller-manager` pick up the new certs (or there was a race condition, they _could_ have picked up the old certs too, but that's unlikely) and the old certs were put into `/var/run/secrets` because the ServiceAccount's Secrets were stored in etcd, which `setup-files` didn't touch.
@fgrzadkowski @huggsboson @thockin @mikedanese @vishh @pwittrock @eparis @bgrant0607
Automatic merge from submit-queue
A pod never terminated if a container image registry was unavailable
Fixes https://github.com/kubernetes/kubernetes/issues/23742
Fixes https://github.com/kubernetes/kubernetes/issues/22045
Pods will now show proper status when this happens as well:
```
$ cluster/kubectl.sh get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
test foo-4072956304-1g8qs 0/1 RegistryUnavailable 0 7s
test foo-4072956304-i045g 0/1 RegistryUnavailable 0 7s
test foo-4072956304-qem2n 0/1 RegistryUnavailable 0 7s
```
Where as previously they would never report a reason.
I also removed the "temporary" part of the message because we have no idea if its temporary or permanent.
/cc @kubernetes/sig-node @kubernetes/rh-cluster-infra
Automatic merge from submit-queue
Migrate gke-trusty test jobs to 1.2
Following up #23100 and #23139, #23319, migrate all gke-trusty jobs to the
`release-1.2` branch, add parallel and subnet test jobs, and bump timeouts
accordingly.
Tested with `jenkins-jobs test`. Manually diff'ed gke-trusty jobs against their equivalent gke jobs. For example,
```
# diff /tmp/jobs0324/kubernetes-e2e-gke-test /tmp/jobs0324/kubernetes-e2e-gke-trusty-test
4c4
< <description>Run E2E tests on GKE test endpoint. Test owner: GKE on-call.<!-- Managed by Jenkins Job Builder --></description>
---
> <description>Run E2E tests on GKE test endpoint. Test owner: wonderfly@google.com.<!-- Managed by Jenkins Job Builder --></description>
49c49
< export PROJECT="k8s-jkns-e2e-gke-test"
---
> export PROJECT="kubekins-e2e-gke-trusty-test"
51a52
> export E2E_NAME="jkns-gke-e2e-test-trusty"
228c229
< <recipientList>$DEFAULT_RECIPIENTS</recipientList>
---
> <recipientList>wonderfly@google.com,qzheng@google.com</recipientList>
```
@spxtr @roberthbailey @ihmccreery Can you review this?
cc/ @andyzheng0831
Automatic merge from submit-queue
Update port forward e2e for go 1.6
Only close the stdout/stderr pipes from kubectl port-forward when we're truly done with the command,
instead of as soon as runPortForward exits.
Also try to gracefully stop kubectl port-forward via SIGINT, instead of always sending SIGKILL, as
this will help avoid spdy goroutine leaks in the Kubelet.
Ref #22149
cc @smarterclayton @kubernetes/rh-cluster-infra
Automatic merge from submit-queue
Trusty: Regional release .tar.gz support
@zmerlynn and @roberthbailey please review it. This change is to support the feature added in PR #22234. The entire logic is pretty much the same as in #22234, with only few minor changes in implementation.
I had manually run e2e tests with "export RELEASE_REGION_FALLBACK=true" on two clusters: (1) Trusty on master nodes on ContainerVM; (2) Master and nodes all on trusty. All tests are green. I don't figure out a way to simulate regional fallback. But I did test the function download_or_bust() out-of-box.
cc/ @wonderfly @dchen1107 @fabioy FYI.
Sync the examples with the scripts usage so we don't need to update this
doc with every new branch.
Supporting updates to docs/devel/pull-requests.md#release-notes.
Automatic merge from submit-queue
Add support for 3rd party objects to kubectl
@deads2k @jlowdermilk
Instructions for playing around with this:
Run an apiserver with third party resources turned on (`--runtime-config=extensions/v1beta1=true,extensions/v1beta1/thirdpartyresources=true`)
Then you should be able to:
```
kubectl create -f rsrc.json
```
```json
{
"metadata": {
"name": "foo.company.com"
},
"apiVersion": "extensions/v1beta1",
"kind": "ThirdPartyResource",
"versions": [
{
"apiGroup": "group",
"name": "v1"
},
{
"apiGroup": "group",
"name": "v2"
}
]
}
```
Once that is done, you should be able to:
```
curl http://<server>/apis/company.com/v1/foos
```
```
curl -X POST -d @${HOME}/foo.json http://localhost:8080/apis/company.com/v1/namespaces/default/foos
```
```json
{
"kind": "Foo",
"apiVersion": "company.com/v1",
"metadata": {
"name": "baz"
},
"someField": "hello world",
"otherField": 1
}
```
After this PR, you can do:
```
kubectl create -f foo.json
```
```
kubectl get foos
```
etc.
Automatic merge from submit-queue
Migrate to the new conversion generator - part1
This PR contains two commits:
- few more fixes to the generator
- migration of the pkg/api/v1 to use the new generator
The second commit is big, but I reviewed the changes and they contain:
- conversions between types that we didn't even generating conversion between
- changes in how we handle maps/pointers/slices - previously we were explicitly referencing fields, now we are using "shadowing in, out" to make the code more generic
- lack of auto-generated method for ReplicationControllerSpec (because these types are different (*int vs int for Replicas) and a preexisting conversion already exists
Most of issues in the first commit (e.g. adding references to "in" and "out" for slices/maps/points) were discovered by our tests. So I'm pretty confident that this change is correct now.
Automatic merge from submit-queue
Retry github and godep operations in test-dockerized.sh
closes#21887.
Attempt to mitigate go get and godep flakes by retrying a few times inside of jenkins
Automatic merge from submit-queue
storage.Interface KV impl. of etcd v3
This is the initial implementation of #22448.
The PR consists of two parts:
- add godep of "clientv3" and "integration" (for testing)
- create new package "etcd3" under "pkg/storage/"
- implement KV methods of storage.Interface using etcd v3 APIs
- Create, Set, Get, Delete, GetToList, List, GuaranteedUpdate
Automatic merge from submit-queue
Add a protobuf serializer
Provide a core protobuf serializer that can either write objects with
an envelope (a 4 byte prefix and a runtime.Object) or raw to a byte
array.
Makes a few small refactors to prepare for streaming codecs (watch)
including a new constructor for the codec factory.
@kubernetes/sig-api-machinery the bulk of this is not compiled by
default (under the 'proto' tag), but lays groundwork the enablement
here.
