Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
generated code should pass go vet for go1.10
**What this PR does / why we need it**:
Update code generator and the code it generates to pass `go vet`.
go1.10 runs `go vet` whenever `go test` is run. Because of this, generated code for CRDs needs to pass `go vet`.
**Release note**:
```release-note
Code generated for CRDs now passes `go vet`.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add statefulset scaling permission to admins, editors, and viewers
StatefulSets are missing scale permissions, so users can't scale them.
```release-note
fix permissions to allow statefulset scaling for admins, editors, and viewers
```
Automatic merge from submit-queue (batch tested with PRs 62857, 62707). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add support of standard LB to Azure vmss
**What this PR does / why we need it**:
Add support of standard LB to Azure vmss.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#60485
**Special notes for your reviewer**:
**Release note**:
```release-note
Add support of standard LB to Azure vmss
```
/sig azure
Automatic merge from submit-queue (batch tested with PRs 62857, 62707). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Export RBAC validation functions
This change exports the RBAC validation functions to allow types outside of the RBAC API group to embed a RBAC type and reuse this validation logic. Note that only `ValidateRBACName`,
`ValidatePolicyRule` and `ValidateRoleBindingSubject` were exported. The rest of the functions were already exported.
Signed-off-by: Monis Khan <mkhan@redhat.com>
**Release note**:
```release-note
NONE
```
@kubernetes/sig-auth-pr-reviews
/assign @deads2k
Automatic merge from submit-queue (batch tested with PRs 62885, 62832). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
e2e test forwarding externalname dns lookup to upstream nameservers.
**What this PR does / why we need it**:
e2e test forwarding externalname dns lookup to upstream nameservers.
e2e test that goes through dnsmasq -> kubedns -> upstream servers path.
Updated e2e test for PTR record lookup, test for default upstreamservers from resolv.conf.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes https://github.com/kubernetes/dns/issues/226
**Special notes for your reviewer**:
/assign @MrHohn
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62885, 62832). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
GCE: Fix ILB issue updating backend services
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62878
`ensureInternalBackendServiceGroups` would sync the instance groups with the latest nodes, and update the backend service's list of backends if necessary. However, the list of backends on the backend service was not set before calling the GCP API.
`updateInternalLoadBalancerNodes` does very little above `ensureInternalBackendServiceGroups`, so I'm just combining the unit tests into one.
**Special notes for your reviewer**:
/assign MrHohn
cc @agau4779
**Release note**:
```release-note
GCE: Fix for internal load balancer management resulting in backend services with outdated instance group links.
```
Automatic merge from submit-queue (batch tested with PRs 61962, 58972, 62509, 62606). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Allow a test suite reusing framework to register namespaces to delete
If the suite bypasses CreateNamespace (because it wants to create more
specialized namespaces) it has no way to register deletes.
@liggitt this was something that came up in an older rebase and was missed (for things creating projects)
Automatic merge from submit-queue (batch tested with PRs 61962, 58972, 62509, 62606). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubelet: move QOSReserved from experimental to alpha feature gate
Fixes https://github.com/kubernetes/kubernetes/issues/61665
**Release note**:
```release-note
The --experimental-qos-reserve kubelet flags is replaced by the alpha level --qos-reserved flag or QOSReserved field in the kubeletconfig and requires the QOSReserved feature gate to be enabled.
```
/sig node
/assign @derekwaynecarr
/cc @mtaufen
Automatic merge from submit-queue (batch tested with PRs 61962, 58972, 62509, 62606). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix job's backoff limit for restart policy OnFailure
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#54870
**Release note**:
```release-note
NONE
```
/assign janetkuo
Automatic merge from submit-queue (batch tested with PRs 62642, 62855, 62487, 62858, 62873). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
build/rpms: fix kubeadm rpm
**What this PR does / why we need it**:
Change #61633 doesn't seem quite correct, and breaks bazel builds.
This patch makes sure that:
- there is no conflict between directory files and build targets
- rpm files are properly packaged after being installed
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
I'm not sure how the previous attempt passed CI, but the corollary is that the status for this one might be considered suspect as well.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62642, 62855, 62487, 62858, 62873). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
final record flag cleanup
This ties off the remainder of the record flag uses. Trying to merge different types of patches is fraught, so I added a way to get a merge patch (not a strategic patch) back from the annotation update.
@kubernetes/sig-cli-maintainers
/assign @soltysh
/assign @juanvallejo
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62642, 62855, 62487, 62858, 62873). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
simplify the client cache
We created the client cache back when we negotiated versions to create a config and a client. Now we don't, so this is just debt. This removes all the obvious places. I'll open a separate WIP to try to kill the rest.
@kubernetes/sig-cli-maintainers
@soltysh
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62642, 62855, 62487, 62858, 62873). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Make pod status to Running if some are Running and some are Completed
**What this PR does / why we need it**:
Make pod status to Running if some are Running and some are Completed
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62588
**Special notes for your reviewer**:
Only Set Pod status to Completed when no other reason, no Running container and only Completed containers.
Set status to Running if some are Running and some are Completed
**Release note**:
```release-note
Set pod status to "Running" if there is at least one container still reporting as "Running" status and others are "Completed".
```
Automatic merge from submit-queue (batch tested with PRs 59592, 62308, 62523, 62635, 62243). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Separate pod priority from preemption
**What this PR does / why we need it**:
Users request to split priority and preemption feature gate so they can use priority separately.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62068
**Special notes for your reviewer**:
~~I kept use `ENABLE_POD_PRIORITY` as ENV name for gce cluster scripts for backward compatibility reason. Please let me know if other approach is preffered.~~
~~This is a potential **break change** as existing clusters will be affected, we may need to include this in 1.11 maybe?~~
TODO: update this doc https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
[Update] Usage: in config file for scheduler:
```yaml
apiVersion: componentconfig/v1alpha1
kind: KubeSchedulerConfiguration
...
disablePreemption: true
```
**Release note**:
```release-note
Split PodPriority and PodPreemption feature gate
```
Automatic merge from submit-queue (batch tested with PRs 59592, 62308, 62523, 62635, 62243). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use shorter timeout when we expecting failure
**What this PR does / why we need it**:
Use shorter timeout when we wait pod to not be running or PVC to not be bound
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#55174
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 59592, 62308, 62523, 62635, 62243). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
update comments for local volume
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes # https://github.com/kubernetes/kubernetes/issues/62278
**Special notes for your reviewer**:
/assign @jsafrane @msau42
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 59592, 62308, 62523, 62635, 62243). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add support to resize Portworx volume
Signed-off-by: Harsh Desai <harsh@portworx.com>
**What this PR does / why we need it**:
This PR adds support in the Portworx volume plugin to expand an existing PVC.
**Which issue(s) this PR fixes**:
Closes#62305
**Release note**:
```release-note
Add support to resize Portworx volumes.
```
Automatic merge from submit-queue (batch tested with PRs 59592, 62308, 62523, 62635, 62243). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Roundtrip test helper for external types
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#54698
**Special notes for your reviewer**:
/assign @deads2k @sttts
Since you've asked for it in the original issue. The FIXME I've pointed out to is worth addressing, but I'd prefer to do it afterwards. Do we want to implement appropriate test for all the api groups from `k8s.io/api` ?
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add ut for kuberuntime-gc
**What this PR does / why we need it**:
Add ut for kuberuntime-gc to cover more situations:
1) Add two uncovered cases to test sandbox-gc
(1) When there are more than one exited sandboxes,the older exited sandboxes without containers for existing pods should be garbage collected;
(2) Even though there are more than one exited sandboxes,the older exited sandboxes with containers for existing pods should not be garbage collected.
2) Add one uncovered case to test container-gc
(1) To cover the situation when allSourcesReady is set false;
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
"NONE"
```
Change #61633 doesn't seem quite correct, and breaks bazel builds.
This patch makes sure that:
- there is no conflict between directory files and build targets
- rpm files are properly packaged after being installed
Automatic merge from submit-queue (batch tested with PRs 62726, 60085, 62583). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update github.com/stretchr/testify to v1.2.1
cd $GOPATH/src/k8s.io/kubernetes
hack/godep-restore.sh
rm -rf Godeps
rm -rf vendor
hack/godep-save.sh
**What this PR does / why we need it**:
v1.2.1 of Testify includes new functions (e.g., ElementsMatch) that make it easier to compare data structures such as slices.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 62726, 60085, 62583). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove podpreset in local up cluster
This was enabled in 6a7aca3129, but
shouldn't have been since the podpreset implementation is in the process
of being moved into service-catalog.
Release note:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62726, 60085, 62583). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Refactor kubeadm api validation.
**What this PR does / why we need it**:
This PR refactor kubeadm api validation to use field json name. When users get a validation error, they can easily know which field is invalid in their config files.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
@fabriziopandini I remember we mentioned this refactoring in some comment. I didn't see this change was done, so I send this PR to address this.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add metrics to cinder volume
**What this PR does / why we need it**: We need cinder volume metrics to be exposed
**Which issue(s) this PR fixes**:
Fixes#62644
**Special notes for your reviewer**: This is not tested in running cluster.
**Release note**:
```release-note
Make volume usage metrics available for Cinder
```
cc @gnufied @dims
This PR unpacks the downloaded ConfigMap to a set of files on the node.
This enables other config files to ride alongside the
KubeletConfiguration, and the KubeletConfiguration to refer to these
cohabitants with relative paths.
This PR also stops storing dynamic config metadata (e.g. current,
last-known-good config records) in the same directory as config
checkpoints. Instead, it splits the storage into `meta` and
`checkpoints` dirs.
Automatic merge from submit-queue (batch tested with PRs 62632, 62789, 62512, 62848). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
use recordFlags to manage recording
This updates the set commands to use the recordflags and updates the commands we're touching to follow the pattern that is emerging. A method for New*Options, a valid default value for a recorder there, using the value `o` everywhere to refer to options, naming the struct `<commandName>Options`.
@kubernetes/sig-cli-maintainers
@soltysh @juanvallejo continues the effort
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62632, 62789, 62512, 62848). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubectl stops rendering List as suffix kind name for CRD resources
**What this PR does / why we need it**:
`List` should not be treated as suffix when validating CRD objects.
Removing this validation won't break anything.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62410
**Special notes for your reviewer**:
/assign liggitt deads2k
/cc nikhita soltysh
**Release note**:
```release-note
kubectl stops rendering List as suffix kind name for CRD resources
```
Automatic merge from submit-queue (batch tested with PRs 62632, 62789, 62512, 62848). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
[prometheus addon] Use secure kubelet port
This PR changes port used by prometheus server to kubelet secure port. To access endpoints for metrics it adds "nodes/metrics" resource to rbac.
Previously it was not possible to authorize to kubelet in GCP, because Token Auth was disabled.
PR that enabled Token Auth in GCP https://github.com/kubernetes/kubernetes/pull/58178
```release-note
NONE
```
/cc @brancz @kawych
This change exports the RBAC validation functions to allow types
outside of the RBAC API group to embed a RBAC type and reuse this
validation logic. Note that only ValidateRBACName,
ValidatePolicyRule and ValidateRoleBindingSubject were exported.
The rest of the functions were already exported.
Signed-off-by: Monis Khan <mkhan@redhat.com>
