Automatic merge from submit-queue
Do not probe so aggressively which may lead to unnecessary restarts
@errordeveloper @mikedanese PTAL
I came across a case where etcd restarted about 5-10 times because the load was very high on the machine.
The load seems to have lead to that the `etcd` container occasionally didn't respond to the probe, which caused many restart and made the whole thing even worse.
Maybe we should remove the etcd probe totally? I don't know, what do you think?
This is at least a try to loosen the limits here...
Automatic merge from submit-queue
Replace references to http://releases.k8s.io/HEAD/docs/user-guide/
All of the anchor references are broken right now, so this change fixes that (at least).
I only touched `http://releases.k8s.io/HEAD/docs/user-guide/`, as all files in `docs/user-guide` had been moved, apart `kubectl*` ones (but those aren't referenced anywhere in the code for some reason.
Automatic merge from submit-queue
fix kubectl taint e2e flake: add retries for removing taint
**What this PR does / why we need it**:
Why we need it: recent failures occurred in #29503 are caused by taints removing conflict on nodes, this PR is to fix it. (#33073 fixed taints updating conflict, but not taints removing.)
What this PR does: use `runKubectlRetryOrDie()` instead of `RunKubectlOrDie()` in all the places in "Kubectl taint" e2e tests.
**Which issue this PR fixes** : fixes part of #29503, (would like to keep this issue open for some days more to make sure no other failures occur)
**Special notes for your reviewer**: NONE
**Release note**: NONE
Automatic merge from submit-queue
Provide more detailed error message when pod fails to be success state
Return more detailed error message when it timeouts for waiting for pod to success state.
This PR extends #31895. #31895 is for running and ready state.
It is used for debugging #31561#32980
cc: @lavalamp
Automatic merge from submit-queue
Kubeadm: print information about certificates
Prints basic information about certificates to the user.
Example of `kubeadm init` output:
```
<master/pki> generated Certificate Authority key and certificate:
Issuer: CN=kubernetes | Subject: CN=kubernetes | CA: true
Not before: 2016-09-30 11:19:19 +0000 UTC Not After: 2026-09-28 11:19:19 +0000 UTC
Public: /etc/kubernetes/pki/ca-pub.pem
Private: /etc/kubernetes/pki/ca-key.pem
Cert: /etc/kubernetes/pki/ca.pem
<master/pki> generated API Server key and certificate:
Issuer: CN=kubernetes | Subject: CN=kube-apiserver | CA: false
Not before: 2016-09-30 11:19:19 +0000 UTC Not After: 2017-09-30 11:19:19 +0000 UTC
Alternate Names: [172.18.76.239 10.0.0.1 kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local]
Public: /etc/kubernetes/pki/apiserver-pub.pem
Private: /etc/kubernetes/pki/apiserver-key.pem
Cert: /etc/kubernetes/pki/apiserver.pem
<master/pki> generated Service Account Signing keys:
Public: /etc/kubernetes/pki/sa-pub.pem
Private: /etc/kubernetes/pki/sa-key.pem
```
Example of `kubeadm join` command:
```
<node/csr> received signed certificate from the API server:
Issuer: CN=kubernetes | Subject: CN=system:node:minion | CA: false
Not before: 2016-09-30 11:28:00 +0000 UTC Not After: 2017-09-30 11:28:00 +0000 UTC
```
Fixes#33642
cc @kubernetes/sig-cluster-lifecycle
Automatic merge from submit-queue
pass loopback config to poststart hooks
Updates post start hooks to take a clientconfig with the new loopback credentials for bootstrapping.
@ericchiang This is a little bit of plumbing, but mainly auth I think.
Automatic merge from submit-queue
Add ECDSA support for service account tokens
Fixes#28180
```release-note
ECDSA keys can now be used for signing and verifying service account tokens.
```
Automatic merge from submit-queue
Add test cases to test the default value of HorizontalPodAutoscaler
Add test cases to test the default value of HorizontalPodAutoscaler.
Automatic merge from submit-queue
Run hack/update-codegen.sh in release-1.4 for generating an updated 1.4 clientset
@caesarxuchao doing steps 1 and 2 as described here https://github.com/kubernetes/kubernetes/pull/33851#issuecomment-250851272
adds apps, authentication, certificates, rbac, and storage.
The reason there are substantial deletions (aside from the oneliner "this package is generated by client-gen with arguments...") is because PR https://github.com/kubernetes/kubernetes/pull/32407 added a resource to the 1.4 clientset even though the resource is not present in 1.4 and the PR is targeted to 1.5. So this corrects that, as a bonus.
Automatic merge from submit-queue
Abstraction of endpoints in leaderelection code
**Problem Statement**:
Currently the Leader Election code is hard coded against the endpoints api. This causes performance issues on large scale clusters due to incessant iptables refreshes, see: https://github.com/kubernetes/kubernetes/issues/26637
The goal of this PR is to:
- Abstract Endpoints out of the leader election code
- Fix a known bug in the event recording
fixes#18386
**Special notes for your reviewer**:
This is a 1st pass at abstracting the details of endpoints out into an interface. Any suggestions around how we we want to refactor this interface is welcome and could be addressed in either this PR or follow on PR.
/cc @ncdc @wojtek-t @rrati
Automatic merge from submit-queue
Apply default image tags for all runtimes
Move the docker-specific logic up to the ImageManager to allow code sharing
among different implementations.
Part of #31459
/cc @kubernetes/sig-node
Automatic merge from submit-queue
Node-ip is not used when cloud provider is used
Currently --node-ip in kubelet is not being used when kubelet is configured with a cloud provider. With this fix, kubelet will get a list of IPs from the provider and parse it to return the one that matches node-ip.
This fixes#23568
Automatic merge from submit-queue
Bump glbc version to 0.8.0
Picks up k8s.io godeps for v1.4 thereby fixing an int overflow bug in the upstream delayed-workqueue pkg. Without this the controller spams logs with retries in the "soft error" case, which is easy to come by when users eg: create ingresses that point to non-exist services.
Should go into 1.4.1, because 1.4.0 is pretty much out at this point.
https://github.com/kubernetes/kubernetes/issues/33279
Automatic merge from submit-queue
add optional env var for allowing version skew in test cmd
If you only make a change to a server component and then re-run `test-cmd` you get a skew error. This is really annoying. I've left the default as it was (force version match), but now also allow `ALLOW_SKEW=true hack/test-cmd.sh` to skip the check.
@eparis worth a quick bash check, but I think I got it.
Automatic merge from submit-queue
Remove flannel because now everything here is upstreamed
Multiarch is now a thing for official flannel 👍
@tomdee @mikedanese @errordeveloper
Automatic merge from submit-queue
Use patched golang1.7.1 for cross-builds targeting darwin
This PR extends #32517 to use the patched go1.7.1 introduced by that PR to build all darwin targets (e.g. kubectl).
This is necessary because binaries built with earlier versions of Go regularly segfault on macOS Sierra (see #32999 and #33070).
This solution is somewhat hacky, but we intend to cherry-pick this to 1.4, and switching all of 1.4 to build with go1.7.1 is very high risk.
I haven't yet pushed the cross build image yet, so this will fail to build. Will test locally and update with results.
First step of fixing #33801.
cc @luxas @pwittrock @david-mcmahon @liggitt @smarterclayton @jfrazelle @Starefossen @gerred
Automatic merge from submit-queue
Add community expectations about conduct and reviewing.
@sarahnovotny @smarterclayton @philips @thockin @davidopp @jbeda
As discussed in the previous community meeting here's a description of the expectations around community, I expanded it a little bit beyond code review because it seemed like a good place to put it
down in one location.
Please let me know what I got wrong (or right ;)
Thanks
--brendan
Automatic merge from submit-queue
Proposal: Add HyperContainer runtime
This PR adds a proposal for integrating [HyperContainer](http://hypercontainer.io) runtime via CRI.
CC @dchen1107 @kubernetes/sig-node
