Commit Graph

62517 Commits

Author SHA1 Message Date
Kubernetes Submit Queue
89e433fca1
Merge pull request #59404 from ohmystack/docker-mem-swap
Automatic merge from submit-queue (batch tested with PRs 50724, 59025, 59710, 59404, 59958). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

dockertools: disable MemorySwap on Linux

In this commit, set `MemorySwap` the same with `Memory` to prevent using swap on Linux.

**What this PR does / why we need it**:

In #39731, @pires tried to disable swap on Linux by setting `MemorySwap` to 0.
However, according to [Docker's docs](https://docs.docker.com/config/containers/resource_constraints/#--memory-swap-details), setting `MemorySwap` to 0 is treated as unset, and its [default behavior](https://github.com/moby/moby/blob/v17.05.0-ce/daemon/daemon_unix.go#L266-L269) is to set to twice the size of `Memory`, which can still cause the container to use the swap.

**Which issue(s) this PR fixes** :

This issue was mentioned in this comment: https://github.com/kubernetes/kubernetes/issues/7294#issuecomment-362722637

**Special notes for your reviewer**:

1. For the case on Windows, we can still use the 0 because [Windows does not support `MemorySwap`](https://github.com/moby/moby/blob/v17.05.0-ce/daemon/daemon_windows.go#L185-L187).
2. There is another place using the `DefaultMemorySwap()` is for [sandbox](https://github.com/kubernetes/kubernetes/blob/v1.9.2/pkg/kubelet/dockershim/docker_sandbox.go#L505).
Maybe setting the sandbox's `MemorySwap` to 0 is fine. I didn't change that.

**Release note**:

```release-note
dockertools: disable memory swap on Linux.
```
2018-02-26 21:34:42 -08:00
Kubernetes Submit Queue
68f496d50f
Merge pull request #59710 from sailingwithoutwind/fix/some-typo
Automatic merge from submit-queue (batch tested with PRs 50724, 59025, 59710, 59404, 59958). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

some typo

**What this PR does / why we need it**:

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note

```
2018-02-26 21:34:38 -08:00
Kubernetes Submit Queue
97b9271abd
Merge pull request #59025 from ggaaooppeenngg/add-err-in-ensure-check
Automatic merge from submit-queue (batch tested with PRs 50724, 59025, 59710, 59404, 59958). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add detailed err in ensure docker process error

Signed-off-by: Peng Gao <peng.gao.dut@gmail.com>



**What this PR does / why we need it**:
Add detailed error.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-02-26 21:34:32 -08:00
Kubernetes Submit Queue
c1d5800874
Merge pull request #59912 from superbrothers/fix-broken-link
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix the broken link in Markdown

**What this PR does / why we need it**: Fix the broken link in Markdown

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-02-26 21:34:14 -08:00
Kubernetes Submit Queue
b684a282e5
Merge pull request #50724 from allencloud/fix-incorrect-comparison-log
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

fix incorrect comparison in /pkg/volume error message

Signed-off-by: allencloud <allen.sun@daocloud.io>



**What this PR does / why we need it**:
This PR fixes incorrect error message when there is comparison.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
NONE

**Special notes for your reviewer**:
NONE

**Release note**:

```release-note
NONE
```
2018-02-26 20:34:37 -08:00
Kubernetes Submit Queue
2966cdaa12
Merge pull request #58559 from mlmhl/volumemanager_cleanup
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

use GetUniqueVolumeNameFromSpec instead of implementing it manually for kubelet volume manager

**What this PR does / why we need it**:

`volumeName` is only used for attachable plugin, so we should resolve it inside the `if` statement. Besides, we can use the already exist `GetUniqueVolumeNameFromSpec` mthod instead of invoking `GetVolumeName` and `GetUniqueVolumeName` manually.

**Release note**:

```release-note
NONE
```

/sig storage
/kind cleanup
2018-02-26 19:34:22 -08:00
Kubernetes Submit Queue
3ca89a3469
Merge pull request #60125 from vainu-arto/aws-missing-tags-error
Automatic merge from submit-queue (batch tested with PRs 60435, 60334, 60458, 59301, 60125). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Return missing ClusterID error instead of ignoring it

This fixes issue #57382. In the cases I'm aware of kubelet cannot function if it can't detect the cluster it is running in, so the error should be passed up to the caller preventing initialization when kubelet would fail. This way the error can be detected and kubelet startup attempted again later (giving AWS time to apply the tags).

```release-note
On AWS kubelet returns an error when started under conditions that do not allow it to work (AWS has not yet tagged the instance).
```
2018-02-26 17:48:54 -08:00
Kubernetes Submit Queue
1902a18c88
Merge pull request #59301 from dcbw/dockershim-stop-sandbox-no-ip
Automatic merge from submit-queue (batch tested with PRs 60435, 60334, 60458, 59301, 60125). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

dockershim: don't check pod IP in StopPodSandbox

We're about to tear the container down, there's no point.  It also suppresses
an annoying error message due to kubelet stupidity that causes multiple
parallel calls to StopPodSandbox for the same sandbox.

docker_sandbox.go:355] failed to read pod IP from plugin/docker: NetworkPlugin cni failed on the status hook for pod "docker-registry-1-deploy_default": Unexpected command output nsenter: cannot open /proc/22646/ns/net: No such file or directory

1) A first StopPodSandbox() request triggered by SyncLoop(PLEG) for
a ContainerDied event calls into TearDownPod() and thus the network
plugin.  Until this completes, networkReady=true for the
sandbox.

2) A second StopPodSandbox() request triggered by SyncLoop(REMOVE)
calls PodSandboxStatus() and calls into the network plugin to read
the IP address because networkReady=true

3) The first request exits the network plugin, sets networReady=false,
and calls StopContainer() on the sandbox.  This destroys the network
namespace.

4) The second request finally gets around to running nsenter but
the network namespace is already destroyed.  It returns an error
which is logged by getIP().

```release-note
NONE
```
@yujuhong @freehan
2018-02-26 17:48:50 -08:00
Kubernetes Submit Queue
5badfc6bac
Merge pull request #60458 from jennybuckley/integration-timeout
Automatic merge from submit-queue (batch tested with PRs 60435, 60334, 60458, 59301, 60125). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Increase timeout of integration tests

**What this PR does / why we need it**:
In #24509 we intended to increase the timeout to 600s, but it was reverted by accident in #57521 when overriding of the value was enabled. The jenkins job should honor the default of 600s instead of continuing to override it to 300s.
This lead to flaky integration tests, specifically TestCRDDeletionCascading

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #59426

**Special notes for your reviewer**:

**Release note**:
```release-note
Increase timeout of integration tests
```
2018-02-26 17:48:47 -08:00
Kubernetes Submit Queue
39891ba39b
Merge pull request #60334 from mikedanese/fix-gke
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

auth: reregister auth providers

Alternatively we can register this in the mains of most (or all) components.

Fixes GKE e2es
Fixes: 5d721bff81

That PR unregistered auth providers for kubectl and probably elsewhere.

```release-note
NONE
```
2018-02-26 17:34:31 -08:00
jennybuckley
4282d0fb7d Remove passing packages from hack/.golint_failures 2018-02-26 17:30:26 -08:00
jennybuckley
c8dacd8e63 Run hack/update-all.sh 2018-02-26 17:16:14 -08:00
Christoph Blecker
b97b9530f0
Remove dep-reviewers 2018-02-26 17:04:32 -08:00
Kubernetes Submit Queue
775155fb28
Merge pull request #60435 from sttts/sttts-dep-maintainer
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add myself to dep-approvers OWNER alias

Follow-up of https://github.com/kubernetes/kubernetes/pull/59587#issuecomment-368575420.
2018-02-26 16:47:30 -08:00
jennybuckley
5dd19232a0 Update code generators 2018-02-26 16:22:51 -08:00
jennybuckley
bae03aefd7 run hack/update-staging-godeps.sh 2018-02-26 16:20:19 -08:00
jennybuckley
42a5b1668d run hack/godep-save.sh 2018-02-26 16:11:27 -08:00
jennybuckley
28cd959884 Update gengo version 2018-02-26 15:53:16 -08:00
Manuel de Brito Fontes
02370e529b
Remove cassandra example 2018-02-26 20:39:07 -03:00
Kubernetes Submit Queue
e491689ef9
Merge pull request #60301 from tnozicka/fix-recreate
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix Deployment with Recreate strategy not to wait on Pods in terminal phase

**What this PR does / why we need it**:
Fixes Deployment with Recreate strategy not to wait on Pods in terminal phase. It can happen after eviction or failing to match selector and RS leaves such pod around right now. (Hopefully RC gets fixed separately.) 

**Which issue(s) this PR fixes** *:
Fixes https://github.com/kubernetes/kubernetes/issues/60162

**Special notes for your reviewer**:

**Release note**:

```release-note
Fixes a case when Deployment with recreate strategy could get stuck on old failed Pod.
```

/cc @janetkuo
2018-02-26 15:00:49 -08:00
David Zhu
cbd18965fd Added MountDevice/UnmountDevice pass-through to NodeStageVolume/NodeUnstageVolume for CSI Volume Plugin. Added related unit tests. Vendored CSI Spec to HEAD 2018-02-26 14:50:32 -08:00
jennybuckley
a1ab2b2ee1 Increase timeout of integration tests 2018-02-26 14:29:42 -08:00
andrewsykim
d856a97da1 fix bug where character devices are not recognized 2018-02-26 17:18:05 -05:00
Kubernetes Submit Queue
19f592e4c4
Merge pull request #60442 from mikedanese/fix-bzl
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

bzl: fix update-bazel.sh

pickup a85b63b06c

fixes #60439, fixes #60447
we need to vendor gazelle.

```release-note
NONE
```
2018-02-26 14:11:01 -08:00
Mike Danese
363e861aeb rbac: allow system:node role to make TokenRequests for all service accounts 2018-02-26 13:46:19 -08:00
Mike Danese
b43cd7307d noderestriction: restrict nodes TokenRequest permission
nodes should only be able to create TokenRequests if:
* token is bound to a pod
* binding has uid and name
* the pod exists
* the pod is running on that node
2018-02-26 13:46:19 -08:00
Mike Danese
2cc75f0a5a auth: allow nodes to create tokones for svcaccts of pods
running on them.
2018-02-26 13:46:19 -08:00
Lantao Liu
3688650a6b Add CPU/Memory pod stats for CRI stats.
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-02-26 19:29:47 +00:00
Lantao Liu
1fb91cc8be Let image manager return a copy of image list. 2018-02-26 19:19:18 +00:00
jennybuckley
e6f867d2ca promote GC e2e tests to conformance tests 2018-02-26 11:18:12 -08:00
Bryan Moyles
84a86cffce Update to use Stackdriver Agent image.
Prometheus is enabled by default.
2018-02-26 14:05:33 -05:00
Mike Danese
4186abf72b bzl: fix update-bazel.sh
pickup a85b63b06c
2018-02-26 11:01:30 -08:00
Michelle Au
7def517dd3 Reduce number of pods created for local PV stress test 2018-02-26 10:00:59 -08:00
Dr. Stefan Schimanski
f52a1edd80 Add myself to dep-approvers OWNER alias 2018-02-26 19:00:19 +01:00
Beata Skiba
d003550bd2 Differentiate between target and target average value 2018-02-26 18:46:43 +01:00
Kubernetes Submit Queue
456ebf5de7
Merge pull request #60248 from cimomo/url-fix
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix incorrectly formatted URL

**What this PR does / why we need it**:
Fix an incorrectly formatted URL in the v1.9 change log. (Have a separate PR in the website repo to fix the release note already imported.)

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-02-26 09:21:03 -08:00
Kubernetes Submit Queue
2b77b8f1ad
Merge pull request #60370 from jianglingxia/jlx-fc2018
Automatic merge from submit-queue (batch tested with PRs 57326, 60076, 60293, 59756, 60370). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

FIX the os.Stat() func in volume file/kind bug

**What this PR does / why we need it**:
FIX the os.Stat() func has two same and delete one
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-02-26 09:20:52 -08:00
Kubernetes Submit Queue
98b1c79e2b
Merge pull request #59756 from tsmetana/refactor-describe-volume
Automatic merge from submit-queue (batch tested with PRs 57326, 60076, 60293, 59756, 60370). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix #59601: AWS: Check error code returned from describeVolume

The errors returned by the describeVolume call are not all equal:
if the error is of InvalidVolume.NotFound type it does not necessarily
mean the desired operation cannot be finished successfully.

Fixes #59601

```release-note
NONE
```
2018-02-26 09:20:49 -08:00
Kubernetes Submit Queue
c0383763ea
Merge pull request #60293 from tenxcloud/fix_volume_cache_grammar_error
Automatic merge from submit-queue (batch tested with PRs 57326, 60076, 60293, 59756, 60370). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix grammar issues and improve log in volume cache code

**What this PR does / why we need it**:
Fix grammar issues and improve log in volume cache code

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-02-26 09:20:46 -08:00
Kubernetes Submit Queue
2a373ace6e
Merge pull request #60076 from crassirostris/audit-buffered-backend
Automatic merge from submit-queue (batch tested with PRs 57326, 60076, 60293, 59756, 60370). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Introduce buffered audit backend

This is a copy from https://github.com/kubernetes/kubernetes/issues/53006 with comments addressed, since @hzxuzhonghu cannot work on this right now and the code freeze is close. Thanks @hzxuzhonghu for the contribution!

This is the first PR to fix https://github.com/kubernetes/kubernetes/issues/53006 and then https://github.com/kubernetes/kubernetes/issues/53020

This PR introduces a new audit backend, that batches incoming audit events and sends these batches to the underlying audit backend. This new backend is designed to replace existing batching webhook backend and allow to use batching with log backend, to solve the performance issues.

@sttts @ericchiang @CaoShuFeng @tallclair would really appreciate your review

```release-note
Buffered audit backend is introduced, to be used with other audit backends.
```
2018-02-26 09:20:42 -08:00
Mike Danese
e8d405a0ed auth: reregister auth providers
Fixes: 5d721bff81

That PR unregistered auth providers for kubectl and probably elsewhere.
2018-02-26 09:08:41 -08:00
Kubernetes Submit Queue
c19f8fceaf
Merge pull request #57326 from floreks/update-dashboard
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Update dashboard version to v1.8.3

**What this PR does / why we need it:** Updates dashboard addon to the latest version. Changelog can be found [here](https://github.com/kubernetes/dashboard/releases/tag/v1.8.3).

**Release note**:

```release-note
Update dashboard version to v1.8.3
```
2018-02-26 08:55:15 -08:00
Davanum Srinivas
42cc24e68d Better PROXY_LOG and verbosity in the command line
`>"${PROXY_LOG}"` was in the wrong spot
2018-02-26 16:29:31 +00:00
Davanum Srinivas
c339fc0c4f Use feature-gates command line for kube-proxy
Avoid throwing `featureGates:` into the kube-proxy yaml, since it's
not in the right format. It should be

```
    featureGates:
      AllAlpha: true
```

Since FEATURES_GATES is set to `AllAlpha=true`, we can't just throw that
into the yaml file. Just pass along FEATURES_GATES in the command line
instead just like we do for all other services
2018-02-26 09:03:39 -07:00
Kubernetes Submit Queue
05425f0826
Merge pull request #60256 from danwinship/review-iptables-stuff
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

add me to iptables/kube-proxy reviewers

kube-proxy needs reviewers!
2018-02-26 07:50:58 -08:00
Kubernetes Submit Queue
a6797824f2
Merge pull request #60307 from deads2k/cli-09-rebreak-filter
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

rebreak the filter

Pull https://github.com/kubernetes/kubernetes/pull/60117/commits fixed a bug in the filtering code which was actually being exploited to get inconsistent printing behavior. This reverts the commit that "fixed" the inconsistency and adjusts the test back to the equivalent, pre-printing fixes.

/assign @soltysh 


```release-note
NONE
```
2018-02-26 07:50:44 -08:00
m1093782566
2edc97bf17 fix static checks 2018-02-26 23:49:26 +08:00
m1093782566
9bb4807e25 update bazel 2018-02-26 23:48:48 +08:00
m1093782566
df7df811a4 auto generated codes 2018-02-26 23:48:48 +08:00
m1093782566
b498a33927 userspace part changes 2018-02-26 23:48:48 +08:00