Commit Graph

32591 Commits

Author SHA1 Message Date
Matthew Wong
ae1575b5cc Set extra supplemental groups for rkt 2016-07-22 17:43:24 -04:00
Matthew Wong
cbdd121d2d Remove pod mutation for PVs with supplemental GIDs 2016-07-22 17:41:44 -04:00
Euan Kemp
6aed2a0b1d network/cni: Search vendorDir for lo plugin too
Though frankly the vendor dir thing should probably be removed in a
followup PR.
2016-07-22 14:40:44 -07:00
Euan Kemp
8f7b5bcfd3 network/cni: Always setup 'lo'
See issue #28561
2016-07-22 14:40:35 -07:00
Marcin Wielgus
944e7f77b0 Internal types for FederatedReplicaSetPreferences 2016-07-22 23:35:38 +02:00
David McMahon
f55206a675 Update CHANGELOG.md for v1.3.3. 2016-07-22 14:01:23 -07:00
David McMahon
97b9ebc989 Clarify newline formatting for release note blocks. 2016-07-22 13:46:44 -07:00
k8s-merge-robot
a6b8aa991e Merge pull request #29458 from hongchaodeng/sh
Automatic merge from submit-queue

Update etcd deprecated flag

update etcd deprecated flag
- "-addr" => "--advertise-client-urls"
- "-bind-addr" => "--listen-client-urls"
2016-07-22 12:19:34 -07:00
Justin Santa Barbara
756c17315b Fix route53 stub matching logic: match name & type 2016-07-22 15:09:04 -04:00
k8s-merge-robot
df2cf16ddb Merge pull request #26709 from hodovska/master
Automatic merge from submit-queue

Allow shareable resources for admission control plugins.

Changes allow admission control plugins to share resources. This is done via new PluginInitialization structure. The structure can be extended for other resources, for now it is an shared informer for namespace plugins (NamespiceLifecycle, NamespaceAutoProvisioning, NamespaceExists).

If a plugins needs some kind of shared resource e.g. client, the client shall be added to PluginInitializer and Wants methods implemented to every plugin which will use it.
2016-07-22 11:07:05 -07:00
Hongchao Deng
74e6626967 Update etcd deprecated flag
- "-addr" => "--advertise-client-urls"
- "-bind-addr" => "--listen-client-urls"
2016-07-22 11:01:11 -07:00
Paul Morie
66e7257a81 Add package docs for pod security policy 2016-07-22 13:35:37 -04:00
k8s-merge-robot
e9e774cfb4 Merge pull request #28431 from brendandburns/thirdparty2
Automatic merge from submit-queue

Fix a problem with multiple APIs clobbering each other in registration.

Fixes https://github.com/kubernetes/kubernetes/issues/24392

@kubernetes/sig-api-machinery 

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-07-22 09:41:58 -07:00
k8s-merge-robot
c5abb90c2f Merge pull request #29329 from derekwaynecarr/min-reclaim-flag
Automatic merge from submit-queue

Add kubelet flag for eviction-minimum-reclaim

This is taken from #27199 as its the most burdensome to rebase and should have little disagreement.

/cc @vishh @ronnielai PTAL
2016-07-22 09:08:43 -07:00
k8s-merge-robot
77d6e5578e Merge pull request #29251 from ping035627/ping035627-patch-0720
Automatic merge from submit-queue

Add a value judgement for the cloud in controllermanager.go

The PR add a value judgement for the cloud, because cloudprovider.InitCloudProvider maybe return nil for the cloud.
2016-07-22 08:28:23 -07:00
Avesh Agarwal
c0d0834f8d One selinux enabled systems, it might require to relabel
/var/lib/kubelet, otherwise following tests fail:

Summarizing 7 Failures:

[Fail] [k8s.io] ConfigMap [It] updates should be reflected in volume [Conformance]
/root/upstream-code/gocode/src/k8s.io/kubernetes/test/e2e_node/configmap.go:131

[Fail] [k8s.io] ConfigMap [It] should be consumable from pods in volume as non-root with FSGroup [Feature:FSGroup]
/root/upstream-code/gocode/src/k8s.io/kubernetes/test/e2e/framework/util.go:2115

[Fail] [k8s.io] ConfigMap [It] should be consumable from pods in volume with mappings as non-root [Conformance]
/root/upstream-code/gocode/src/k8s.io/kubernetes/test/e2e/framework/util.go:2115

[Fail] [k8s.io] ConfigMap [It] should be consumable from pods in volumpe [Conformance]
/root/upstream-code/gocode/src/k8s.io/kubernetes/test/e2e/framework/util.go:2115

[Fail] [k8s.io] ConfigMap [It] should be consumable from pods in volume with mappings [Conformance]
/root/upstream-code/gocode/src/k8s.io/kubernetes/test/e2e/framework/util.go:2115

[Fail] [k8s.io] ConfigMap [It] should be consumable from pods in volume with mappings as non-root with FSGroup [Feature:FSGroup]
/root/upstream-code/gocode/src/k8s.io/kubernetes/test/e2e/framework/util.go:2115

[Fail] [k8s.io] ConfigMap [It] should be consumable from pods in volume as non-root [Conformance]
/root/upstream-code/gocode/src/k8s.io/kubernetes/test/e2e/framework/util.go:2115
2016-07-22 11:24:55 -04:00
k8s-merge-robot
e20dbc039b Merge pull request #29321 from derekwaynecarr/eviction-proposal-update-flags
Automatic merge from submit-queue

Update proposed flag names for kubelet eviction

This PR changes the flag names proposed in kubelet eviction for minimum amount of resource to reclaim when triggering an eviction.

This captures the design change proposed and agreed to in #27199 

Having it in a separate PR removes noise from reviewing the core PR.

/cc @vishh @ronnielai PTAL
2016-07-22 07:55:07 -07:00
derekwaynecarr
3e75f2effb Eviction manager needs to start as runtime dependent module 2016-07-22 10:19:40 -04:00
k8s-merge-robot
46e3611502 Merge pull request #29320 from thockin/makefile-fixes-and-speed
Automatic merge from submit-queue

Makefile fixes and speed

A few fixes that, together, make the 'make' experience smoother and more seamless.
    * `make clean all` works (@soltysh)
    * `make clean` does no spend 5 seconds loading deps just to remove them
    * deps building is faster

Fixes #28890
Ref #8830
2016-07-22 06:40:35 -07:00
k8s-merge-robot
ba51b6b977 Merge pull request #29300 from janetkuo/kubectl-set-image-record-patch
Automatic merge from submit-queue

Use patch when recording commands in kubectl set image

1. Use `Patch` to mitigate update conflict. See http://stackoverflow.com/questions/38476531/kubernetes-kubectl-set-image-deployment-not-able-to-record-history
2. Return warning instead of error when fail to record command

@kubernetes/kubectl
2016-07-22 06:00:15 -07:00
Justin Santa Barbara
6463a220ee Expose Changesets (transactions) in dns provider
This makes the dnsprovider usable in more scenarios, and it also solves
some TODOs in the federation code.
2016-07-22 08:43:20 -04:00
k8s-merge-robot
e2fb251c2a Merge pull request #29266 from xiangpengzhao/fix_defer_close
Automatic merge from submit-queue

Add f.Close() for applyOOMScoreAdj
2016-07-22 05:24:28 -07:00
k8s-merge-robot
6fd685b54b Merge pull request #29207 from fgrzadkowski/ha_master_leader_elect
Automatic merge from submit-queue

Add default leader election for scheduler and controller manager.

#21124
2016-07-22 04:49:44 -07:00
k8s-merge-robot
60e59c9461 Merge pull request #29184 from wojtek-t/rs_controller_ref
Automatic merge from submit-queue

ReplicaSet controller can set/remove ControllerRef

This is mostly a copy from https://github.com/kubernetes/kubernetes/pull/27600
2016-07-22 04:18:00 -07:00
k8s-merge-robot
f37cadd357 Merge pull request #29445 from wojtek-t/fix_kubemark_after_ip_address_machinations
Automatic merge from submit-queue

Fix Kubemark config after IP addresses machinations
2016-07-22 03:44:46 -07:00
k8s-merge-robot
ab8f77263b Merge pull request #29109 from wojtek-t/pod_affinity_predicate
Automatic merge from submit-queue

More pod-affinity code cleanup and prepare for parallelization

Ref #26144
2016-07-22 03:44:42 -07:00
k8s-merge-robot
e562ce54b1 Merge pull request #29026 from runcom/user-in-cri
Automatic merge from submit-queue

CRI: add LinuxUser to LinuxContainerConfig

Following discussion in https://github.com/kubernetes/kubernetes/pull/25899#discussion_r70996068

The Container Runtime Interface should provide runtimes with User information to run the container process as (OCI being one of them).
This patch introduces a new field `user` into `LinuxContainerConfig` structure. The `user` field introduces also a new type structure `LinuxUser` which consists of `uid`, `gid` and `additional_gids`. 

The `LinuxUser` struct has been embedded into `LinuxContainerConfig` to leave space for future implementations which are not Linux-related (e.g. Windows may have a different representation of _Users_).

If you feel naming can be better we can probably move `LinuxUser` to `UnixUser` also. 

/cc @mrunalp @vishh @euank @yujuhong 

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-07-22 03:11:56 -07:00
Wojciech Tyczynski
7ef2e946dc Fail Kubemark if tests fail with error. 2016-07-22 11:52:54 +02:00
Wojciech Tyczynski
28205d6a43 Fix Kubemark config after IP addresses machinations 2016-07-22 11:49:15 +02:00
k8s-merge-robot
bf817a3830 Merge pull request #26939 from zhouhaibing089/healthz-fix
Automatic merge from submit-queue

fixes the usage doc in package healthz

Briefly, the comments in `pkg/healthz/doc.go` is not correct.
2016-07-22 02:39:11 -07:00
k8s-merge-robot
835ee70c45 Merge pull request #28909 from foxish/foxish-issue-28785
Automatic merge from submit-queue

Create event only if creation of PVC failed.

Fixes #28785.
We should report an event only if the petset can't find a PVC and can't create it either.

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-07-22 02:39:06 -07:00
k8s-merge-robot
be5e98fafd Merge pull request #28959 from asalkeld/e2e-isup
Automatic merge from submit-queue

e2e.go --isup should also check the version

Just move the setenv up to include --isup

fixes #18667
2016-07-22 01:59:18 -07:00
k8s-merge-robot
f7409f3be2 Merge pull request #29368 from mwielgus/delaying_deliverer
Automatic merge from submit-queue

Delaying deliverer for Federated ReplicaSet

A helper struct to push data to a channel after a given delay. It runs on a single gouroutine and allows updates. An update cancels previous delivery if it was about to happen later than the new one. Otherwise the new update is discarded. 
All data require a string key that is used to identify the data (for updates and de-duplication).

cc: @quinton-hoole @wojtek-t
2016-07-22 01:13:57 -07:00
k8s-merge-robot
2f96bc2b15 Merge pull request #29240 from dhawal55/fix_volume_mounting
Automatic merge from submit-queue

NewVolumeManager expects nodeName instead of hostName.
2016-07-22 01:13:52 -07:00
k8s-merge-robot
72a697a13d Merge pull request #28182 from quinton-hoole/2016-06-28-compare-rrsets-properly
Automatic merge from submit-queue

Federation: Use equivalent() instead of == to compare DNS ResourceRecordSets. Fixes #28135

Without this we sometimes incorrectly assume that DNS records hosted on cloud DNS servers need to be replaced when they don't need to be.  This results in unnecessary churn on DNS records.

cc: @nikhiljindal @madhusudancs @mfanjie FYI
2016-07-22 00:41:06 -07:00
lixiaobing10051267
123c9ceb5d Give the complete and correct path to client/apiserver related 2016-07-22 15:12:06 +08:00
Random-Liu
7b27358068 Change SetupNode to True for node e2e docker validation test. 2016-07-22 00:07:09 -07:00
k8s-merge-robot
cfdb468654 Merge pull request #29114 from matttproud/cleanups/density_e2e
Automatic merge from submit-queue

test/e2e: plug time.Ticker resource leak.

This commit ensures that `logPodStartupStatus` does not leak
running `time.Ticker` instances.  Upon termination of the consuming
routine, we stop the ticker.
2016-07-22 00:05:20 -07:00
k8s-merge-robot
33f96bbbcb Merge pull request #29428 from justinsb/aws_abac
Automatic merge from submit-queue

AWS kube-up: export kube_user to salt

This was done for GCE in #29164, but not for AWS.

Fixes #29424
2016-07-22 00:05:15 -07:00
Wojciech Tyczynski
fad876b6f9 PodAffinity code refinements 2016-07-22 08:49:28 +02:00
lixiaobing10051267
7c1a9014bf Modify the provider name in e2e-tests.md 2016-07-22 14:32:58 +08:00
Wojciech Tyczynski
ee9de6457c Merge pull request #29429 from kubernetes/revert-26861-embed
Revert "cacher.go: embed storage.Interface into cacher"
2016-07-22 07:29:41 +02:00
Wojciech Tyczynski
33e612e101 Revert "cacher.go: embed storage.Interface into cacher" 2016-07-22 07:28:45 +02:00
Paul Morie
249da77371 Extract kubelet node status into separate file 2016-07-22 01:21:30 -04:00
Justin Santa Barbara
55d0d3b4fa AWS kube-up: export kube_user to salt
This was done for GCE in #29164, but not for AWS.

Fixes #29424
2016-07-22 00:46:03 -04:00
Justin Santa Barbara
49da8298c9 AWS kube-up: fix MASTER_OS_DISTRIBUTION
On AWS we were defining KUBE_MASTER_OS_DISTRIBUTION, but the scripts
expect MASTER_OS_DISTRIBUTION.

Fixes #29422
2016-07-22 00:45:05 -04:00
Justin Santa Barbara
eb3483eaba kube-up: increase download timeout for kubernetes.tar.gz
Particularly on smaller instances on AWS, we were hitting the 80 second
timeout now that our image is well over the 1GB mark.

Increase the timeout from 80 seconds to 300 seconds.

Fix #29418
2016-07-22 00:39:35 -04:00
Antoine Pelisse
180e671972 Merge pull request #29421 from apelisse/fix-broken-script
Tentatively fix broken kubemark tests
2016-07-21 20:40:25 -07:00
Antoine Pelisse
ab3e4494d3 Tentatively fix broken kubemark tests
The multi-line bash command is ill-formed.
2016-07-21 20:39:04 -07:00
Davanum Srinivas
9fc1d61ab7 Enable endpoints in kubernetes service started by local-cluster-up.sh
--advertise_address should be set to 127.0.0.1, So let API server pick
the default if necessary.

Fixes #29374
2016-07-21 22:39:17 -04:00