Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
volunteer to help with external cloud providers
**What this PR does / why we need it**:
Looks like we have a single approver in Mike. Throwing my hat in
to help with approvals etc.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add required family flag for conntrack IPv6 operation
This change causes kube-proxy to supply the required "-f ipv6"
family flag whenever the conntrack utility is executed and the
associated service is using IPv6.
This change is required for IPv6-only operation.
Note that unit test coverage for the 2-line changes in
pkg/proxy/iptables/proxier.go and /pkg/proxy/ipvs/proxier.go will need
to be added after support for IPv6 service addresses is added to these
files. For pkg/proxy/iptables/proxier.go, this coverage will be added
either with PR #48551.
fixes#52027
**What this PR does / why we need it**:
Kube-proxy is currently not supplying the required "-f ipv6" family flag whenever it
calls the conntrack utility and the associated service is using an IPv6 service IP address.
This means that for IPv6-only operation, conntrack is not properly cleaning up
stale UDP connections, and this may be effecting ip6tables operation.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes # 52027
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
the feature of Flex volume API and Improved lifecycle hasnot merge v1.6
**What this PR does / why we need it**:
reopen#51580 because of rebase conflict,and remove changelog1.6
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#32543
**Special notes for your reviewer**:
cc @xiangpengzhao @zhangxiaoyu-zidif
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubectl: Move utility functions to util package
**What this PR does / why we need it**:
`parseFileSource()` and `parseLiteralSource()` are utility functions.
We have a package already for utility functions, `kubectl/util/`.
Move utility functions to `kubectl/util`, capitalize function names to
export from package.
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/sig cli
/kind cleanup
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use `--oom-score-adj` flag for kube-proxy
**What this PR does / why we need it**:
Replace `echo -998 > /proc/$$$/oom_score_adj` with `--oom-score-adj` flag for kube-proxy.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#51083
**Special notes for your reviewer**:
/assign @justinsb @vishh
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 51754, 53261, 53450). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
GCE: Ignore notFound when deleting firewall
**What this PR does / why we need it**:
Ignores a not found error when deleting a firewall on line 220.
**Which issue this PR fixes**:
Fixes#53411
**Special notes for your reviewer**:
/assign @MrHohn
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 51754, 53261, 53450). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix comment
**What this PR does / why we need it**:
fix method name in comment
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 51754, 53261, 53450). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Rename the name of event source in controller-manager
**What this PR does / why we need it**: Make the event source more obvious
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#51753
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 53345, 53389). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add IPv6 option for e2e iPerf test
The e2e iPerf test case currently only runs in IPv4 mode.
This change adds an option to run an iPerf test in IPv6 mode (i.e. by running
iPerf with a "-V" command line flag), so that the test can be run on
IPv6-only clusters.
**What this PR does / why we need it**:
This change adds an option to run an iPerf test in IPv6 mode (i.e. by running
iPerf with a "-V" command line flag), so that the test can be run on
IPv6-only clusters. It also adds a Feature tag to the current IPv4 iPerf test
so that it can be disabled when running e2e tests on an IPv6-only cluster.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#53388
**Special notes for your reviewer**:
Please let me know if there are better "Feature:" tags to use for selecting whether to run the IPv4 vs IPv6 test case.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Support field selectors for CRDs
Signed-off-by: Andy Goldstein <andy.goldstein@gmail.com>
**What this PR does / why we need it**: allow field selectors to be used with custom resources
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#51046, fixes#49424
**Special notes for your reviewer**:
**Release note**:
```release-note
Custom resources served through CustomResourceDefinition now support field selectors for `metadata.name` and `metadata.namespace`.
```
Automatic merge from submit-queue (batch tested with PRs 53317, 52186). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
code-generator: rewrite hack/update-codecs.sh into reusable generate-{internal,}-groups.sh
Generating everything for groups inside of an apiserver (with internal types) becomes:
```shell
generate-internal-groups.sh all "$(dirname ${BASH_SOURCE})/../../.." k8s.io/sample-apiserver/pkg/client k8s.io/sample-apiserver/pkg/apis k8s.io/sample-apiserver/pkg/apis wardle:v1alpha1
```
Generating everything for a CRD (versioned types) becomes:
```shell
generate-groups.sh all "$(dirname ${BASH_SOURCE})/../../.." k8s.io/sample-apiserver/pkg/client k8s.io/sample-apiserver/pkg/apis wardle:v1alpha1
```
This should cover the 90% percent use-case. For the other 10% this can be forked and adapted as needed.
Furthermore, we can put this into a Docker container. Then code-generator consumers can do:
```shell
$ docker run -v $GOPATH:/go k8s.io/code-generator:1.8 generate-group.sh github.com/foo/bar example:v1
```
This is only possibly only the first step towards a `code-generator` binary. For the later deeper generator changes are necessary (e.g. https://github.com/kubernetes/kubernetes/pull/53202) and hence the later is only feasible in 1.9. **This PR here in contrast, we can cherry-pick to 1.8.**
```release-note
Add generate-groups.sh and generate-internal-groups.sh to k8s.io/code-generator to easily run generators against CRD or User API Server types.
```
Fixes https://github.com/kubernetes/kubernetes/issues/48714.
Automatic merge from submit-queue (batch tested with PRs 53317, 52186). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Change default --cert-dir for kubelet to a non-transient location
The default kubelet `--cert-dir` location is `/var/run/kubernetes`, which is automatically erased on reboot on many platforms. As of 1.8.0, kubelet TLS bootstrapping and cert rotation now persist files in `--cert-dir`, this should default to a non-transient location. Default it to the `pki` subfolder of the default `--root-dir` Fixes#53288
Additionally, since `kubeadm` expects a running (albeit crashlooping) kubelet prior to running `kubeadm init` or `kubeadm join`, and was using the default `--root-dir` of `/var/lib/kubelet`, it should not expect that folder to be empty as a pre-init check. Fixes https://github.com/kubernetes/kubernetes/issues/53356
```release-note
kubelet: `--cert-dir` now defaults to `/var/lib/kubelet/pki`, in order to ensure bootstrapped and rotated certificates persist beyond a reboot.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add note about kubelet removed flag --api-servers
**What this PR does / why we need it**:
Adds warning about --api-servers being removed in kubelet in CHANGELOG. This is a breaking change for one of my dev clusters, I imagine others would run into it.
**Special notes for your reviewer**:
This change was made in https://github.com/kubernetes/kubernetes/pull/40050.
cc @mtaufen @liggitt @mikedanese @wojtek-t @kubernetes/sig-cluster-lifecycle-misc @kubernetes/sig-node-misc (just cc'ing the same people in the related PR)
Automatic merge from submit-queue (batch tested with PRs 52832, 53401). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix spam of multiattach errors in event logs
We should be careful while generating multiattach errors.
We seem to be generating too many of them because old code
had minor bug.
Fixes https://github.com/kubernetes/kubernetes/issues/53214
I think that we should cherry-pick this to 1.8.
cc @kubernetes/sig-storage-pr-reviews
```release-note
Fix multi-attach error spam in logs and events
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add UT for podPreset storage
**What this PR does / why we need it**:
Add UT for podPreset storage
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
removes Authorizer and ExternalClientSet from kubeapiserver's admissi…
**What this PR does / why we need it**:
removes Authorizer and ExternalClientSet from kubeapiserver's admission initializer.
**Release note**:
```
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Refactor node taint conditions
**What this PR does / why we need it**:
We should use `not-ready` etc as node condition taint key.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
fixes#51246
**Special notes for your reviewer**:
**Release note**:
```release-note
Use `not-ready` to replace `notReady` in node condition taint keys.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Rename TPR to CRD
TPR has been completely removed in 1.8. However, there are still some places which use the word "TPR".
We should rename TPR to CRD in such places to be consistent with the nomenclature.
**Release note**:
```release-note
NONE
```
/cc @sttts
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Support completions for --clusterrole of kubectl create clusterrolebinding
**What this PR does / why we need it**:
This PR supports completion for --clusterrole of kubectl create clusterrolebinding.
```
$ kubectl create clusterrolebinding hoge --clusterrole <tab>
admin system:controller:daemon-set-controller system:controller:node-controller system:controller:service-controller system:kube-scheduler
cluster-admin system:controller:deployment-controller system:controller:persistent-volume-binder system:controller:statefulset-controller system:node
edit system:controller:disruption-controller system:controller:pod-garbage-collector system:controller:ttl-controller system:node-bootstrapper
system:auth-delegator system:controller:endpoint-controller system:controller:replicaset-controller system:discovery system:node-problem-detector
system:basic-user system:controller:generic-garbage-collector system:controller:replication-controller system:heapster system:node-proxier
system:controller:attachdetach-controller system:controller:horizontal-pod-autoscaler system:controller:resourcequota-controller system:kube-aggregator system:persistent-volume-provisioner
system:controller:certificate-controller system:controller:job-controller system:controller:route-controller system:kube-controller-manager view
system:controller:cronjob-controller system:controller:namespace-controller system:controller:service-account-controller system:kube-dns
```
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
I feel that it is better to except system clusterroles from completion candidates. What do you think about it?
**Release note**:
```release-note
Support completion for --clusterrole of kubectl create clusterrolebinding
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix some typos in api/types
**What this PR does / why we need it**:
Fix some typos in api/types
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#53420
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 53228, 53232, 53353). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fixes a regression introduced by PR 52290 that extended resource
capacity may temporarily drop to zero after kubelet restarts and PODs restarted during
that time window could fail to be scheduled.
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
https://github.com/kubernetes/kubernetes/issues/53342
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 53228, 53232, 53353). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove swagger 1.2 validation
**What this PR does / why we need it**:
Removes dependency on swagger 1.2 for validation. Always uses openapi.
cc @mbohlool
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#44589
**Special notes for your reviewer**:
**Release note**:
```release-note
Kubectl: Remove swagger 1.2 validation. Also removes options `--use-openapi` and `--schema-cache-dir` as these are no longer needed.
```
Automatic merge from submit-queue (batch tested with PRs 53228, 53232, 53353). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Openapi explain
**What this PR does / why we need it**:
This rewrites `kubectl explain` but using openapi rather than swagger 1.2. Also removes the former code.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49465, fixes partially #44589, fixes partially #38637
**Special notes for your reviewer**:
FYI @mbohlool
**Release note**:
```release-note
`kubectl explain` now uses openapi rather than swagger 1.2.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fixes test/e2e_node/gpu_device_plugin.go test failure.
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
fixes https://github.com/kubernetes/kubernetes/issues/53354
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 53403, 53233). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove containers from deleted pods once containers have exited
Issue #51899
Since container deletion is currently done through periodic garbage collection every 30 seconds, it takes a long time for pods to be deleted, and causes the kubelet to send all delete pod requests at the same time, which has performance issues. This PR makes the kubelet actively remove containers of deleted pods rather than wait for them to be removed in periodic garbage collection.
/release-note-none
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Improve explanation of ReplicaSet.
"ReplicaSet represents the configuration of a ReplicaSet" does not tell
you much. I took the explanation from
https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/#when-to-use-a-replicaset
**What this PR does / why we need it**:
`kubectl explain rs` prints "ReplicaSet represents the configuration of a ReplicaSet", which is not very helpful.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
Improve explanation of ReplicaSet
```
e2e tests provide only an (IPv4) ping test for external connectivity.
We need a way to conditionally run a ping6 external connectivity check,
and disable the (IPv4) ping-based external connectivity check,
for end-to-end testing on IPv6-only clusters.
This feature will be needed for creating gating IPv6 CI tests.
fixes#53383
Automatic merge from submit-queue (batch tested with PRs 49826, 53404). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix typo in health check url
fixes the url used to scrape bootstrapping details in a test failure case
Automatic merge from submit-queue (batch tested with PRs 49826, 53404). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
avoid newline "\n" in the error to break log msg to 2 lines
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49813
**Special notes for your reviewer**:
/cc @justinsb @rrati
**Release note**:
```release-note
avoid newline "\n" in the error to break log msg to 2 lines
```
Automatic merge from submit-queue (batch tested with PRs 53391, 52349). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Beginning of rewrite apply merge-logic using visitor pattern.
**Note**: This is not hooked up to anything. A release note will be added when this is wired into actual commands.
Major changes:
- Don't generate a patch, instead generate the merged object so it can be used with PUT
- Separate tree parsing logic to collate items in a list from the delete / merge / replace / add logic when merging
- Use openapi for merge strategy metadata so it works with extensions and version skew
- Support multi-field mergekeys when merging lists
- Support replace strategy for maps
- Reduce complexity of generating order when merging lists - keep the locally defined order and append remote only-items
Continue to support:
- Explicitly setting fields to null
- Merging lists of primitives
- Don't randomize ordering when merging lists
TODO:
- Retain keys
- Conflict detection
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixeskubernetes/kubectl#69
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fluentd-elasticsearch add-on: Rename Docker image tag
As @crassirostris requested in #53307 - rename tag of Docker image gcr.io/google-containers/elasticsearch to drop -1 suffix.
