Automatic merge from submit-queue (batch tested with PRs 43144, 42671, 43226, 43314, 43361)
Removal of unused mesos e2e test.
**What this PR does / why we need it**:
Remove mesos e2e test which is not used.
```
NONE
```
/cc @sttts @k82cn
Automatic merge from submit-queue (batch tested with PRs 43144, 42671, 43226, 43314, 43361)
use - to indicate audit log goes to system out
When debugging API servers, particularly aggregated API servers, it's really useful to see the audit trail in their normal pod logs. This makes `--audit-log-path=-` direct audit information to stdout.
@kubernetes/sig-api-machinery-misc
Automatic merge from submit-queue (batch tested with PRs 43144, 42671, 43226, 43314, 43361)
don't start controllers against unhealthy master
Operating against an unhealthy apiserver is unpredictable. Some clients like `kubectl` need to be best effort in this regard so that you can debug broken apiservers. Controllers shouldn't run against unhealthy masters.
Automatic merge from submit-queue (batch tested with PRs 43144, 42671, 43226, 43314, 43361)
start informers as a post-start-hook
Switches the shared informer start to a post start hook to make future API server composition easier. PostStartHooks will have to be unioned for server composition and this ensures that we don't accidentally skip starting them.
Automatic merge from submit-queue (batch tested with PRs 41297, 42638, 42666, 43039, 42567)
Delete offline restclient from clusterKubeClientMap
When federation controller manager checks cluster status, it will
delete the offline cluster from clusterSet, but do not delete the
corresponding restclient from the map clusterKubeClientMap for
the offline cluster. This patch can fix it.
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 41297, 42638, 42666, 43039, 42567)
Add the ability to lock on ConfigMaps to support HA for self hosted components
**What this PR does / why we need it**:
This PR add the ability to lock on ConfigMap objects. As we self-host more and more components, ConfigMaps provides a useful resource to lock on that applies to just the component that is being added.
This allows components such as scheduler+controller manager, etc. to have a simple mechanism to allow to active-passive HA without the cost of endpoint updates.
**Related Issues**
xref: https://github.com/kubernetes/client-go/issues/28
**Special notes for your reviewer**:
We may want to deprecate endpoints locking at some point.
**Release note**:
```
Add the ability to lock on ConfigMaps to support HA for self hosted components
```
/cc @kubernetes/sig-cluster-lifecycle-pr-reviews @mikedanese
Automatic merge from submit-queue (batch tested with PRs 41297, 42638, 42666, 43039, 42567)
Allow minion floating IPs to be optional
**What this PR does / why we need it**:
Makes the generation of floating IPs for worker nodes optional, based on an env var. To quote the original issue:
> Currently, the OpenStack installation method assigns a floating IP to every single worker node. While this is fine for smaller clusters with a good sized IP pool, it can cause issues in environments with high node counts or less IPs available.
**Which issue this PR fixes**:
https://github.com/kubernetes/kubernetes/issues/40737
**Special notes for your reviewer**:
I used the conditions section of the Heat spec: https://docs.openstack.org/developer/heat/template_guide/hot_spec.html#conditions-section
**Release note**:
```release-note
OpenStack clusters can now specify whether worker nodes are assigned a floating IP
```
Automatic merge from submit-queue
Improved test code coverage for plugin/pkg/admission/admit.
**What this PR does / why we need it**:'
part of #39559 , code coverage improved from 60% to 80%
Automatic merge from submit-queue (batch tested with PRs 42998, 42902, 42959, 43020, 42948)
[cli] fix Generator's error messages
Invalid variables are used when format error messages. This change
fixes them.
**Release note**:
```NONE
```
Automatic merge from submit-queue (batch tested with PRs 42998, 42902, 42959, 43020, 42948)
Export godep patch files to artifacts
**What this PR does / why we need it**:
If a godep patch file is created, and a `${WORKSPACE}/_artifacts` directory exists, copy the patch file out to it.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
cc: @fejta
Automatic merge from submit-queue (batch tested with PRs 42998, 42902, 42959, 43020, 42948)
Add Host field to TCPSocketAction
Currently, TCPSocketAction always uses Pod's IP in connection. But when a pod uses the host network, sometimes firewall rules may prevent kubelet from connecting through the Pod's IP.
This PR introduces the 'Host' field for TCPSocketAction, and if it is set to non-empty string, the probe will be performed on the configured host rather than the Pod's IP. This gives users an opportunity to explicitly specify 'localhost' as the target for the above situations.
```release-note
Add Host field to TCPSocketAction
```
Automatic merge from submit-queue
Unit test quota for nodeport associated with loadbalancer
**What this PR does / why we need it**:
This PR adds unit tests to ensure node ports associated with loadbalancers are charged to quota appropriately. The original PR that added that feature to quota lacked a unit test (https://github.com/kubernetes/kubernetes/pull/39364)
Automatic merge from submit-queue
allow fallthrough handling from go-restful routes
This sets up the gorestful routes to fall through to a default handler and reorders the API to be ahead of the other endpoints. This makes it possible to cleanly support cases of "match, fail, try this other handler" which we'll need for API server composition.
@kubernetes/sig-api-machinery-pr-reviews @ncdc
Automatic merge from submit-queue
add local option to APIService
APIServices need an option to avoid proxying in cases where the groupversion is handled later in the chain. This will allow a coherent and complete set of APIServices, but won't require extra connections.
@kubernetes/sig-api-machinery-misc @ncdc @cheftako
Automatic merge from submit-queue (batch tested with PRs 42672, 42770, 42818, 42820, 40849)
kubemark test: Bump addon-manager to v6.4-beta.1
Follow up PR of #42760. This PR bumps addon-manager to v6.4-beta.1 for kubemark test.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 42672, 42770, 42818, 42820, 40849)
Return early from eviction debug helpers if !glog.V(3)
Should keep us from running a bunch of loops needlessly.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 42672, 42770, 42818, 42820, 40849)
use separate scheme to serve the kube-aggregator
This removes a hack which used the client scheme to serve the kube-aggregator. This switches it to run from its own scheme.
@kubernetes/sig-api-machinery-pr-reviews
@ncdc
Automatic merge from submit-queue (batch tested with PRs 43048, 43624, 43649)
[Federation][e2e] Ingress delays and service DNS issues
Ingress has been seen to take >10 minutes to allocate an IP in some circumstances (even more so in parallel testing). Also, due to issues with Services and DNS, disable those tests so we can get a green grid (see #43646)
Automatic merge from submit-queue (batch tested with PRs 43048, 43624, 43649)
Remove E2E_UPGRADE_TEST check in config-test.sh
Once https://github.com/kubernetes/test-infra/pull/2330 merges, the upgrade tests will drive the exact behavior they want, and we can remove the check for envvars leaked from the job env
Automatic merge from submit-queue
Better messaging when GKE certificate signing fails.
**What this PR does / why we need it**:
On errors, the GKE signing API can respond with a JSON body that contains an error message explaining the failure. If we're able to extract it, use that message when reporting the error instead of the generic error returned by the webhook library. Also, always add an event to the CSR object on signing errors.
**Release note**:
```release-note
NONE
```
CC @mikedanese @jcbsmpsn
Automatic merge from submit-queue
fix the anchor link
**What this PR does / why we need it**:
fix the anchor links about "kubectl rolling-update" and "kubectl delete", they did not work at present.
Automatic merge from submit-queue (batch tested with PRs 43653, 43654, 43652)
CRI: Check nil pointer to avoid kubelet panic.
When working on the containerd kubernetes integration, I casually returns an empty `sandboxStatus.Linux{}`, but it cause kubelet to panic.
This won't happen when runtime returns valid data, but we should not make the assumption here.
/cc @yujuhong @feiskyer
Automatic merge from submit-queue (batch tested with PRs 43653, 43654)
[Federation] Disable the E2E test for federated replica set rebalancing
We are able to reproduce the flaky failure locally, and can debug without running this on the CI.
Automatic merge from submit-queue
[Federation] Create a unique label and label selector for each replica set created by the replica sets E2E test.
Previously, each replica set created would use the same pod labels and replica set label selectors, so tests run in parallel could conflict with each other. This ensures that each replica set test has its own set of pods to work with.
This should fix the currently-very-flaky E2E test for weighted federated replica set preferences.
When ctrl.kubeClient.Core().PersistentVolumes().Create(volume) returns no err, but storeVolumeUpdate() failed, we save PV sucessfully ,but here err is not nil,
we should not run the codes next in block if err != nil {}
same in the deletion retries below
Automatic merge from submit-queue (batch tested with PRs 43642, 43170, 41813, 42170, 41581)
Cleanup make test-integration
``make test-integration`` was using the first positional arg passed to ``WHAT`` to filter the list of integration test packages. This PR switches to passing ``WHAT`` verbatim to be consistent with how ``make test`` works. That means the new way to scope execution to a single integration package will be:
```bash
make test-integration WHAT="./test/integration/auth" KUBE_TEST_ARGS="-run=^TestKindAuthorization$"
```
Instead of:
```bash
make test-integration WHAT="auth -test.run=^TestKindAuthorization$"
```
This PR also ensures that the script exits after running a single test case and that etcd cleanup is not done twice at the end of a successful test run. Both were issues encountered while diagnosing the scoping issue.
cc: @thockin @deads2k @stevekuznetsov @ncdc @derekwaynecarr
Automatic merge from submit-queue (batch tested with PRs 43642, 43170, 41813, 42170, 41581)
Enable storage class support in Azure File volume
**What this PR does / why we need it**:
Support StorageClass in Azure file volume
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
Support StorageClass in Azure file volume
```
Automatic merge from submit-queue (batch tested with PRs 43642, 43170, 41813, 42170, 41581)
Be able to specify the timeout to wait for pod for kubectl logs/attach
Fixes https://github.com/kubernetes/kubernetes/issues/41786
current flag is `get-pod-timeout`, we can have a discussion if you have better one, default unit is seconds, above 0
@soltysh @kargakis ptal, thanks
@kubernetes/sig-cli-feature-requests
