Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Change RBAC storage version to v1 for 1.9
v1 was introduced in 1.8, but storage version remained at v1beta1 to accommodate HA rolling upgrades. in 1.9, we can change the persisted and preferred version to v1
```release-note
RBAC objects are now stored in etcd in v1 format. After completing an upgrade to 1.9, RBAC objects (Roles, RoleBindings, ClusterRoles, ClusterRoleBindings) should be migrated to ensure all persisted objects are written in `v1` format, prior to `v1alpha1` support being removed in a future release.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
support nodeSelector in kubefed init
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#50716
**Special notes for your reviewer**:
/assign @gyliu513
**Release note**:
```release-note
support nodeSelector in kubefed init
```
Automatic merge from submit-queue (batch tested with PRs 52630, 53110, 53136, 53075). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
federation/pkg/federation-controller/util: fix swallowed errors
**What this PR does / why we need it**: The re-declaration of `err` inside the `if` block causes it to be lost before the check on line 93, even though it is reassigned on lines 95 and 90. By declaring the secret variable on line 71 I was able to ditch the `:=` assignment on line 72, meaning we can keep the `err` variable previously defined before the block on line 47.
```release-note NONE
```
Automatic merge from submit-queue (batch tested with PRs 52630, 53110, 53136, 53075). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Simplify deployment in federation CI jobs
**What this PR does / why we need it**:
Introduce a new variable `USE_PV_FOR_ETCD` to control whether to use PV for federation etcd. `USE_PV_FOR_ETCD` is set to false by default and can be overridden in CI jobs where we want to test with PV. For most of the federation CI jobs, it does not matter whether we use PV for etcd or not. We can overcome some issues by not depending on PV's in federation setup like failure to bind to PV and leaking PD's. etc...
#50543 is one such issue associated with PV.
This PR also contain a commit to fix couple of minor issues and removing unnecessary include of cluster/common script.
**Release note**:
```release-note
NONE
```
/assign @madhusudancs
/cc @kubernetes/sig-federation-pr-reviews
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
Refactor federation dns test case with sets.String
**What this PR does / why we need it**:
change to make got and want use sets.String instead, since that is both safe and more clearly shows the intent.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#51396
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
[Federation] Hpa controller controls target objects
This is in the series of PRs over https://github.com/kubernetes/kubernetes/pull/45993.
The last commit is reviewable. Probably the last PR in this chain with e2e tests for relevant scenario, including the scenario created by this PR is soon to follow.
**Special notes for your reviewer**:
@kubernetes/sig-federation-pr-reviews
@quinton-hoole
**Release note**:
```NONE
```
Automatic merge from submit-queue (batch tested with PRs 51229, 50131, 51074, 51167, 51213)
Fix typos in kubefed
**What this PR does / why we need it**:
Fix some typos in kubefed.
**Which issue this PR fixes** : fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
After hpa controller determines the replica nums needed per cluster, it also
controls the distribution of target objs (rs or deployment) into the correct
clusters by telling the corresponding controllers, which clusters they should
put the objects into (passed as list of selected clusters in annotations).
Automatic merge from submit-queue (batch tested with PRs 50531, 50853, 49976, 50939, 50607)
Log error from ensureDNSRecords
Hiding errors is not a good idea. It took me some time to figure it out why my coredns is not working. It turned out that I had wrong etcd configuration but errors about it were hidden.
```release-note
NONE
```
Automatic merge from submit-queue
[Federation] Fix flake in TestUpdateClusterRace
**What this PR does / why we need it**:
Fix#50262
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#50262
**Special notes for your reviewer**:
Although we do locking/unlocking while using protected data in ClusterController, there are chances that `clusterClient` can be deleted as it is a pointer. Also its better to lock/unlock once for the function `UpdateClusterStatus` instead of multiple locks/unlocks.
**Release note**:
```
NONE
```
/assign @madhusudancs
/cc @dminh @kubernetes/sig-federation-bugs
Automatic merge from submit-queue (batch tested with PRs 49725, 50367, 50391, 48857, 50181)
Don't call one of pointless conversions
@kubernetes/sig-federation-pr-reviews
Automatic merge from submit-queue (batch tested with PRs 49642, 50335, 50390, 49283, 46582)
Add rbac.authorization.k8s.io/v1
xref https://github.com/kubernetes/features/issues/2
Promotes the rbac.authorization.k8s.io/v1beta1 API to v1 with no changes
```release-note
The `rbac.authorization.k8s.io/v1beta1` API has been promoted to `rbac.authorization.k8s.io/v1` with no changes.
The `rbac.authorization.k8s.io/v1alpha1` version is deprecated and will be removed in a future release.
```
Automatic merge from submit-queue (batch tested with PRs 50016, 49583, 49930, 46254, 50337)
[Federation] Make the hpa scale time window configurable
This PR is on top of open pr https://github.com/kubernetes/kubernetes/pull/45993.
Please review only the last commit in this PR.
This adds a config param to controller manager, the value of which gets passed to hpa adapter via sync controller.
This is needed to reduce the overall time limit of the hpa scaling window to much lesser (then the default 2 mins) to get e2e tests run faster. Please see the comment on the newly added parameter.
**Special notes for your reviewer**:
@kubernetes/sig-federation-pr-reviews
@quinton-hoole
@marun to please validate the mechanism used to pass a parameter from cmd line to adapter.
**Release note**:
```
federation-controller-manager gets a new flag --hpa-scale-forbidden-window.
This flag is used to configure the duration used by federation hpa controller to determine if it can move max and/or min replicas
around (or not), of a cluster local hpa object, by comparing current time with the last scaled time of that cluster local hpa.
Lower value will result in faster response to scalibility conditions achieved by cluster local hpas on local replicas, but too low
a value can result in thrashing. Higher values will result in slower response to scalibility conditions on local replicas.
```
Automatic merge from submit-queue (batch tested with PRs 45993, 50293)
[Federation] HPA controller
This PR implements the design listed in https://github.com/kubernetes/community/pull/593.
This is still a work in progress, and needs more unit tests to be added.
I will add the integration tests and e2e tests in a separate PR(s).
@kubernetes/sig-federation-pr-reviews
**Release note**:
```
Horizontal Pod Autoscaling is now available as an alpha feature in federation.
It can be used to distribute and scale workload across clusters joined in a federation.
In its current form, it works only on cpu utilization and the support for other metrics is yet to be built in.
```
Automatic merge from submit-queue
fix typos in federation-controller
**What this PR does / why we need it**:
fix some typos in federation-controller.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
updates for ClusterController's maps were made without locking which can lead
to race conditions which were detectede in https://github.com/kubernetes/kubernetes/issues/49958
This change adds a RWMutex to protect the data. We lock and unlock them
whenever the data is accessed to make sure that we dont slow down too much.
Signed-off-by: Daniel Dao <dqminh89@gmail.com>
Automatic merge from submit-queue (batch tested with PRs 46519, 49794, 49720, 49692, 49821)
Federation: Add delaying deliverer to dns controller
**What this PR does / why we need it**:
- if `ensureDNSRecords` returned an error there was no retry, so now introduced an delaying deliverer which would reattempt to do ensureDNSRecords.
- ~~Revamped unit test cases of DNS controller. Added more test cases and increased the test coverage.
This was a leftover job from earlier refactoring PR's.~~
```release-note
NONE
```
/assign @quinton-hoole
cc @marun @madhusudancs @kubernetes/sig-federation-pr-reviews
Automatic merge from submit-queue
Adding option to set the federation api server port if nodeport is set
**What this PR does / why we need it**: Kubefed will deploy the respected services and then it will do a health check. Prior to this patch if the user selects the nodeport a random port is opened. In environments where firewalls are in place this random port selection will cause the health check to fail. With this patch we enable users to designate a specific port, after for example opening it on their firewall.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#46021
**Special notes for your reviewer**:
**Release note**:
```
Kubefed init allows for setting port in Nodeport configuration
```
Automatic merge from submit-queue (batch tested with PRs 46913, 48910, 48858, 47160)
federation: Stop using and remove federation internalclientset
**What this PR does / why we need it**:
This probably a left over job. We should not be using the internal clientset and instead be using versioned ones as described in #29934
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
```release-note
NONE
```
/assign @nikhiljindal
/cc @kubernetes/sig-federation-misc
Automatic merge from submit-queue (batch tested with PRs 43443, 46193, 49071, 47252)
[Federation][Kubefed] Support reference document autogeneration for kubefed
This PR is needed to address the documentation issue https://github.com/kubernetes/kubernetes.github.io/issues/2888
Apart from the code auto generation have updated some descriptions for consistency.
**Special notes for your reviewer**:
@kubernetes/sig-federation-misc
cc @madhusudancs @csbell
**Release note**:
```NONE
```
