Automatic merge from submit-queue
Add parallelism to GCE cluster upgrade
Fixes https://github.com/kubernetes/kubernetes/issues/48373
Should allow upgrading 500-node cluster (1.6->1.7) in < 1 hr. It currently takes ~1.5 day.
Though it is the duty of the upgrader to choose the right parallelism in order to avoid disrupting too many pods.
/cc @kubernetes/sig-cluster-lifecycle-pr-reviews @kubernetes/sig-scalability-misc @mikedanese @gmarek
Automatic merge from submit-queue (batch tested with PRs 49871, 49422, 49092, 49858, 48999)
ScaleIO Volume Plugin - Volume attribute fixes and updates
**What this PR does / why we need it**:
This is a housekeeping PR for small enhancements and fixes to the ScaleIO volume plugin to address issues:
- Enforcement of fsGroup
- Enable ScaleIO multiple-instance volume mapping
- Tighter validation of PVC parameters
- Injection of default PVC capacity when omitted
- Better alignment of PVC, PV, and volume names for dynamic provisioning
**Special notes for your reviewer**:
**Release note**:
```release-note
Enforcement of fsGroup; enable ScaleIO multiple-instance volume mapping; default PVC capacity; alignment of PVC, PV, and volume names for dynamic provisioning
```
Automatic merge from submit-queue (batch tested with PRs 49871, 49422, 49092, 49858, 48999)
adding kube-apiserver starting option tests
**What this PR does / why we need it**:
There is only one test for `--enable-swagger-ui` option in `cmd/kube-apiserver/app/options/options_test.go`, I have expanded this test with more kube-apiserver starting options.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
`NONE`
Automatic merge from submit-queue (batch tested with PRs 49871, 49422, 49092, 49858, 48999)
Refactor logging e2e tests, add new checks
I split existing code into smaller files to simplify the review and future changes
Also, there are new tests for stackdriver logging:
- ingesting system logs from all nodes
- ingesting logs in json format
- ingesting logs in glog format
Automatic merge from submit-queue (batch tested with PRs 49871, 49422, 49092, 49858, 48999)
Add KUBE_COVER help to "make test"
**What this PR does / why we need it**:
Add help info on `KUBE_COVER` to tell contributors how to run test with code coverage.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
/sig contributor-experience
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
If error continue for loop
If err does not add continue, type conversion will be error.
If do not add continue, pod. (* V1.Pod) may cause panic to run.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
[addon-manager] Remove unneeded annotation codes
**What this PR does / why we need it**:
Clean up addon-manager codes to make it less confusing. The annotation logics is only needed for 1.4->1.5 upgrade.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49870, 49416, 49872, 49892, 49908)
fix alpha/beta endpoint when api endpoint is specified
fix a bug in alpha/beta compute API endpoint bootstraping when api-endpiont is specified.
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 49870, 49416, 49872, 49892, 49908)
Make "kubeadm version" json format output more readable.
**What this PR does / why we need it**:
Add indent to json format output.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
ref: #43750#46598
**Special notes for your reviewer**:
output example:
```
#kubeadm version -o json
{
"clientVersion": {
"major": "1",
"minor": "8+",
"gitVersion": "v1.8.0-alpha.2.1026+d8205661b700c6-dirty",
"gitCommit": "d8205661b700c6f99c33ea0ac1e5ed3e49c202b2",
"gitTreeState": "dirty",
"buildDate": "2017-07-31T12:14:28Z",
"goVersion": "go1.8.3",
"compiler": "gc",
"platform": "linux/amd64"
}
}
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49870, 49416, 49872, 49892, 49908)
FC volume plugin: remove block device at DetachDisk
**What this PR does / why we need it**:
After a volume is unmounted from pod and worker node, and then PV and PVC are deleted, cluster admin or external-provisioner might delete the disk from storage, therefore block device on the node should be cleaned up beforehand.
The photon volume plugin already has same functionality.
**Which issue this PR fixes**: fixes#49392
**Special notes for your reviewer**:
/assign @rootfs
/cc @jsafrane @saad-ali
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49870, 49416, 49872, 49892, 49908)
Renamed zoneNotReadyOrUnreachableTainer to zoneNoExecuteTainer.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: partially fixes#42001
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 49898, 49897, 49919, 48860, 49491)
Fix usage a make(struct, len()) followed by append()
A couple of places in the code we allocate with make() but then use
append(), instead of copy() or direct assignment. This results in a
slice with len() zero elements at the front followed by the expected
data. The correct form for such usage is `make(struct, 0, len())`.
I found these by running:
```
$ git grep -EI -A7 'make\([^,]*, len\(' | grep 'append(' -B7 | grep -v vendor
```
And then manually looking through the results. I'm sure something better
could exist.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49898, 49897, 49919, 48860, 49491)
Add basic local volume provisioner e2e tests
**What this PR does / why we need it**:
Adds e2e tests to test local volume provisioner.
**Which issue this PR fixes**: fixes https://github.com/kubernetes/kubernetes/issues/48832
**Special notes for your reviewer**:
- bring up local volume provisioner using bootstrapper
- have provisioner create a volume by creating a directory under discovery path.
- check persistent volume is created
- make a claim on the PV, write some data then delete the claim. Verify volume is cleaned up.
**Release note**:
```release-note
```
@ianchakeres @msau42
Automatic merge from submit-queue (batch tested with PRs 49898, 49897, 49919, 48860, 49491)
gce: make append_or_replace.. atomic
Before this change,
* the final echo is not atomically written to the target file
* two concurrent callers will use the same tempfile
Helps with https://github.com/kubernetes/kubernetes/issues/49895
cc @miekg
Automatic merge from submit-queue (batch tested with PRs 49898, 49897, 49919, 48860, 49491)
gce: extend CLOBBER_CONFIG to support known_tokens.csv
Helps with #49895
After the kubelet rotates its client cert, it will keep connections
to the API server open indefinitely, causing it to use its old
credentials instead of the new certs
When the kubelet rotates its cert, close down existing connections
to force a new TLS handshake.
Automatic merge from submit-queue
Validate if service has duplicate port
**What this PR does / why we need it**:
Validate if a service has duplicate Spec.Ports.Port (same number with same protocol)
xref #47221
fixes this part:
>It is possible to express a Service with multiple ports blocks with the same number. This is not very useful and may cause trouble for implementations of Services.
**Special notes for your reviewer**:
/cc @thockin @liggitt @mengqiy
@kubernetes/sig-network-pr-reviews
**Release note**:
```release-note
NONE
```
This change makes it so that no escalation check is performed when
updating only the garbage collector fields (owner references and
finalizers) of RBAC resources. This allows the
garbage collector to delete roles that grant permissions such
as "create", which it will never have.
Signed-off-by: Monis Khan <mkhan@redhat.com>
