Automatic merge from submit-queue
Fixed kibana image and controller to work through proxy
As described in #34969, new kibana image doesn't work properly with proxies without additional configuration.
@piosz
Stopping a sandbox includes reclaiming the network resources. By always
stopping the sandbox before removing it, we reduce the possibility of leaking
resources in some corner cases.
Automatic merge from submit-queue
Disable the test-owners verify step until the merge conflicts are resolved
It's causing more pain than it's preventing currently. There should be some simpler ways to fix this.
Automatic merge from submit-queue
[Federation][init-02] Stop passing command factory to the init command.
Please review only the last commit here. This is based on PR #35856 which will be reviewed independently.
Design Doc: PR #34484
cc @kubernetes/sig-cluster-federation @nikhiljindal
Pods which are evicted by the nodecontroller due to network
malfunction, or unresponsive kubelet should be differentiated
from termination initiated by other sources. The reason/message
are consumed by kubectl to provide a better summary using get/describe.
--v=2 is low noise (record changes), can be default
--v=3 will shows per request logging
Note: due to the code path with which we integrate with
skydns, we don't see non-PILLAR_DOMAIN requests, so these
will never be logged.
Automatic merge from submit-queue
Fix typo in local-up-cluster
Use curly braces instead of round ones for bash variable expansion. The
script complains about unknown ROOT_CA_FILE when running with
KUBE_ENABLE_CLUSTER_DNS=true.
Automatic merge from submit-queue
[Federation] Add unit tests for `kubefed init`'s certificate generator.
Please review only the last commit here. This is based on PR #35594 which will be reviewed independently.
These are a subset of unit tests for code introduced in PR #35594
Design Doc: PR #34484
cc @kubernetes/sig-cluster-federation @quinton-hoole
Automatic merge from submit-queue
always allow decoding of status when returned from the API
`unversioned.Status` should be able to come back from any API version and still be properly decoded. This doesn't happen today by default.
@smarterclayton Our projectrequest endpoint returns a `Status` object on a 200 return from list to indicate everything went well. This (or something like it) is needed to make the API accepted by `kubectl`. Alternatively, we change the API to return a different (still not a `Project`) value from list, which still feels wrong.
Automatic merge from submit-queue
Populate Node.Status.Addresses with Hostname
This PR is supposed to address #22063
Currently `NodeName` has to be a resolvable dns address on the master to allow apiserver -> kubelet communication (exec, log, port-forward operations on a pod). In some situations this is unfortunate (see the discussions on the issue).
The PR aims to do the following:
- Populate the `Type: Hostname` in the `Node.Status.Addresses` array, the type is already defined, but was not used so far.
- Add logic to resolve a Node's Hostname when the apiserver initiates communication with the Kubelet, instead of using the Nodename string as Hostname.
```release-note
The hostname of the node (as autodetected by the kubelet, specified via --hostname-override, or determined by the cloudprovider) is now recorded as an address of type "Hostname" in the status of the Node API object. The hostname is expected to be resolveable from the apiserver.
```
Automatic merge from submit-queue
promote /healthz and /metrics to genericapiserver
Promotes `/healthz` to genericapiserver with methods to add healthz checks before running.
Promotes `/metrics` to genericapiserver gated by config flag.
@lavalamp adds the healthz checks linked to `postStartHooks` as promised.
Automatic merge from submit-queue
clean up client version negotiation to handle no legacy API
Version negotiation fails if the legacy API endpoint isn't available.
This tightens up the negotiation interface based to more clearly express what each stage is doing and what the constraints on negotiation are. This is needed to speak to generic API servers.
@kubernetes/kubectl
Automatic merge from submit-queue
Don't rely on device name provided by Cinder
See issue #33128
We can't rely on the device name provided by Cinder, and thus must perform
detection based on the drive serial number (aka It's cinder ID) on the
kubelet itself.
This patch re-works the cinder volume attacher to ignore the supplied
deviceName, and instead defer to the pre-existing GetDevicePath method to
discover the device path based on it's serial number and /dev/disk/by-id
mapping.
This new behavior is controller by a config option, as falling back
to the cinder value when we can't discover a device would risk devices
not showing up, falling back to cinder's guess, and detecting the wrong
disk as attached.
Automatic merge from submit-queue
Add BindNetwork to genericapiserver Config
This is needed for downstream use:
`BindNetwork` is the type of network to bind to - defaults to "tcp4", accepts "tcp", "tcp4", and "tcp6".
Automatic merge from submit-queue
Corect filtering of OpenStack LBaaS resources to delete
Neutron's API ignores unknown parameters. When listing pools etc, K8
attempts to filter on "LoadBalancerID", which is not a valid filter.
As such, it is ignored by Neutron, and a list of all pools is
returned. K8 then proceeds to delete each of the pools.
Instead, we now double check the resources really belong to the LB
we're trying to delete.
Fixes issue #33759
