Commit Graph

57214 Commits

Author SHA1 Message Date
Isaac Hollander McCreery
be8aaf9ff8 Add prometheus-to-sd-exporter to metadata-proxy addon; bump to proxy to v0.1.4 and e2e to v0.0.2; remove configmag 2017-11-03 10:23:05 -07:00
Kubernetes Submit Queue
92952cfe77
Merge pull request #55053 from xiangpengzhao/version-check-auth
Automatic merge from submit-queue (batch tested with PRs 55063, 54523, 55053). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Don't need to check version for auth e2e test

**What this PR does / why we need it**:
In 1.9 cycle, some e2e test don't need to run against so older versions.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
ref: #55050

**Special notes for your reviewer**:
/cc @tallclair @liggitt

**Release note**:

```release-note
NONE
```
2017-11-03 10:00:15 -07:00
Kubernetes Submit Queue
85877a5aa1
Merge pull request #54523 from jekohk/sync-rollout-status-add-unit-tests
Automatic merge from submit-queue (batch tested with PRs 55063, 54523, 55053). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

unit tests for syncRolloutStatus in pkg/controller/deployment

**What this PR does / why we need it**:
Adds unit tests for syncRolloutStatus func in controller/deployment package.

**Which issue this PR fixes**: 
fixes #53663 

**Release note**:

```release-note
NONE
```
2017-11-03 10:00:12 -07:00
Kubernetes Submit Queue
a8dcc801c6
Merge pull request #55063 from chenpengdev/patch-2
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

fix exported method run's comment

**What this PR does / why we need it**:

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note

```
2017-11-03 09:53:59 -07:00
Kubernetes Submit Queue
7ec4790991
Merge pull request #54394 from sttts/sttts-conversion-gen-kube-peer-dirs
Automatic merge from submit-queue (batch tested with PRs 51874, 54394). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

conversion-gen: cut off kube dependencies in extra-peer-dirs

Fixes #54301

This makes conversion-gen usable in a context without a vendored k8s.io/kubernetes.

```release-note
In conversion-gen removed Kubernetes core API from default extra-peer-dirs.
```
2017-11-03 09:07:45 -07:00
Kubernetes Submit Queue
830a363598
Merge pull request #51874 from vfreex/fix-ipvs-check
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

kube-proxy IPVS: Fix IPVS availability check

**What this PR does / why we need it**:
The current implementation of `CanUseIPVSProxier()` reads `/proc/modules`
to check whether IPVS related kernel modules can be loaded.
  
You might get a false-negative when the kernel modules are installed to
the system but haven't been loaded into the kernel.

This patch firstly try to run `modprobe` to load specified kernel
modules, then just log warnings if error occured.
Secondly, it will check loaded kernel modules by reading
`/proc/modules`, return an error if any required module is missing.

This change will not break the compatability of existing implementation.
Running kube-proxy in a container without mounting `/lib/modules` will
cause `modprobe` warnings, but not raise an error if all required modules are
present in the host kernel.

**Special notes for your reviewer**:

**Release note**:

```release-note
 Fix IPVS availability check
```
2017-11-03 09:04:25 -07:00
xiangpengzhao
32675e6f62 Remove check for SubResourcePodProxyVersion and SubResourceServiceAndNodeProxyVersion 2017-11-03 23:11:09 +08:00
chenpengdev
3429d8950b
fix exported method run's comment 2017-11-03 22:40:03 +08:00
Kubernetes Submit Queue
12752f3139
Merge pull request #55041 from wackxu/remdup
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

remove duplicate healthz check register

**What this PR does / why we need it**:

We registe healthz check twice, another is 

https://github.com/kubernetes/kubernetes/blob/master/cmd/kube-controller-manager/app/controllermanager.go#L203

we should remove the duplicate one

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-11-03 07:18:00 -07:00
Kubernetes Submit Queue
db17709552
Merge pull request #55054 from krzysztof-jastrzebski/e2e
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add scale down to 1 e2e test.

This PR adds test checking scale to 1 functionality.
2017-11-03 06:33:26 -07:00
Kubernetes Submit Queue
6fe3a4d82a
Merge pull request #55000 from deads2k/admission-10-split
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

make easy validation admission plugins into validators

This switches "easy" admission plugins that need to be validators to be validators.  I also did one simple plugin to do both mutation and validation for practice.

@kubernetes/sig-api-machinery-pr-reviews @caesarxuchao
2017-11-03 06:33:17 -07:00
David Eads
75c448dbc7 make easy validation admission plugins into validators 2017-11-03 07:54:39 -04:00
Krzysztof Jastrzebski
7a5e9582bc Add scale down to 1 e2e test. 2017-11-03 11:48:37 +01:00
Kubernetes Submit Queue
aa66d8cb98
Merge pull request #54991 from krzysztof-jastrzebski/master
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Node autoprovisioning e2e test.

This PR adds test scenario for cluster-autoscaler in GKE  for node autoprovisioning.
2017-11-03 03:19:17 -07:00
Kubernetes Submit Queue
6af21e8eb4
Merge pull request #54956 from vladimirvivien/scaleio-remove-drv_cfg-dep
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Remove dependency on drv_cfg binary for querying ScaleIO devices

**What this PR does / why we need it**:
This PR fixes the issue where a ScleIO kubernetes plugin required additional binary `drv_cfg` to be present on the local node to work properly, making it harder for the kubelet binary to be containerized without providing access to local paths inside the container.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #54954 

**Special notes for your reviewer**:

**Release note**:

```release-note
ScaleIO driver completely removes dependency on drv_cfg binary so a Kubernetes cluster can easily run a containerized kubelet.
```
2017-11-03 03:18:56 -07:00
xiangpengzhao
026197fb04 Auto generated BUILD file 2017-11-03 16:55:36 +08:00
xiangpengzhao
c7ce2f6a37 Don't need to check version for auth e2e test 2017-11-03 16:53:52 +08:00
Kubernetes Submit Queue
676e28ff7a
Merge pull request #54848 from xiangpengzhao/add-ipvsscheduler-testcase
Automatic merge from submit-queue (batch tested with PRs 54906, 54120, 54934, 54915, 54848). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Improve unit test coverage for kube-proxy configuration.

**What this PR does / why we need it**:

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:
/cc @ncdc 

**Release note**:

```release-note
NONE
```
2017-11-02 23:02:18 -07:00
Kubernetes Submit Queue
eacca001eb
Merge pull request #54915 from xiangpengzhao/np-ut-cov
Automatic merge from submit-queue (batch tested with PRs 54906, 54120, 54934, 54915, 54848). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Improve unit test coverage for network policy validation.

**What this PR does / why we need it**:
`ok  	k8s.io/kubernetes/pkg/apis/networking/validation	0.074s	coverage: 87.8% of statements`

to 

`ok  	k8s.io/kubernetes/pkg/apis/networking/validation	0.082s	coverage: 100.0% of statements`

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-11-02 23:02:16 -07:00
Kubernetes Submit Queue
9ca2bda520
Merge pull request #54934 from akosiaris/master
Automatic merge from submit-queue (batch tested with PRs 54906, 54120, 54934, 54915, 54848). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Only parse ClusterCIDR, ServiceCIDR if AllocateNodeCIDRs

**What this PR does / why we need it**:

Avoid unnecessary spam in kube-controller-manager log if --cluster-cidr is not specified and --allocate-node-cidrs is false. Add clarification in kube-controller-manager help about that.

**Release note**
```release-note
Avoid unnecessary spam in kube-controller-manager log if --cluster-cidr is not specified and --allocate-node-cidrs is false.
```
2017-11-02 23:02:13 -07:00
Kubernetes Submit Queue
b006bc5d04
Merge pull request #54120 from m1093782566/fix-proxy-mode
Automatic merge from submit-queue (batch tested with PRs 54906, 54120, 54934, 54915, 54848). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix kube-proxy fall back to iptables firstly when unable to load kernel modules

**What this PR does / why we need it**:

Fix kube-proxy fall back to iptables firstly when unable to load kernel modules

**Which issue this PR fixes**: 

fixes #54121

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```

/kind bug
/sig network
/area kube-proxy
2017-11-02 23:02:10 -07:00
Kubernetes Submit Queue
63cc600626
Merge pull request #54906 from xiangpengzhao/sc-beta-v1
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Update storageclass version to v1 in examples

**What this PR does / why we need it**:

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:
/cc @jsafrane 

**Release note**:

```release-note
NONE
```
2017-11-02 22:38:04 -07:00
Kubernetes Submit Queue
e19dbba8a2
Merge pull request #54972 from m1093782566/ipvs-ipv6
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

clean up legacy ipv4/32 in ipvs proxy

**What this PR does / why we need it**:

clean up legacy ipv4/32 in ipvs proxy

**Which issue(s) this PR fixes**: closes #51866

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
/sig network

/area ipv6

/assign @thockin 

cc @danehans
2017-11-02 21:52:38 -07:00
Kubernetes Submit Queue
1fc64162d3
Merge pull request #54976 from m1093782566/ipvs-kubeadm
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add kubeadm way in ipvs proxy README

**What this PR does / why we need it**:

As #53962 which support specify proxy mode for kubeadm is already in, we should add ipvs proxy kubeadm way in README.md.

**Which issue(s) this PR fixes**:
Fixes #54978

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-11-02 21:03:07 -07:00
wackxu
22a706ed50 remove duplicate healthz check register 2017-11-03 11:27:30 +08:00
Kubernetes Submit Queue
0575f72832
Merge pull request #55020 from derekwaynecarr/fix-spam
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

StopPodSandbox should not log when container is already removed

**What this PR does / why we need it**:
StopPodSandbox should not log when a container is already gone.  It should only log if it could not stop and the container was still present.

Fixes https://github.com/kubernetes/kubernetes/issues/55021

**Special notes for your reviewer**:
This was seen in our production logs, need to eliminate spam.

**Release note**:
```release-note
NONE
```
2017-11-02 19:48:31 -07:00
m1093782566
ea930dbe5c fix kube-proxy mode 2017-11-03 09:41:54 +08:00
Kubernetes Submit Queue
63c409727c
Merge pull request #54996 from mwielgus/metadata-proxy
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Reduce metadata-proxy cpu requests to 30m

After the recent change enabling metadata-proxy in tests (https://github.com/kubernetes/kubernetes/pull/54150) we started seeing problems with scheduling cluster autoscaler on master. Metadata-proxy eats all of the available space leaving nothing for CA to run on. 

This PR reduces the cpu requests for metadata-proxy allowing other components to fit in.

cc: @kubernetes/sig-autoscaling-bugs
2017-11-02 18:08:10 -07:00
Kubernetes Submit Queue
7a28aaffa7
Merge pull request #54964 from Random-Liu/add-containerd-e2e
Automatic merge from submit-queue (batch tested with PRs 54488, 54838, 54964). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add support to for alternative container runtime in `kube-up.sh`

For https://github.com/kubernetes/features/issues/286.

This PR added 4 new environment variables in `kube-up.sh` to support alternative container runtime:
1) `KUBE_MASTER_EXTRA_METADATA` and `KUBE_NODE_EXTRA_METADATA`. Add extra metadata on master and node instance. With this we could specify different cloud-init for a different container runtime, and also add extra metadata for the new cloud-init, e.g. [master.yaml](7d73966214/test/e2e/master.yaml)
2) `KUBE_CONTAINER_RUNTIME_ENDPOINT`. Specify different sock for different container runtime. It's only used when it's not empty.
3) `KUBE_LOAD_IMAGE_COMMAND`. Specify different load image command for different container runtime.

An example for cri-containerd:
```
export KUBE_MASTER_EXTRA_METADATA="user-data=${GOPATH}/src/github.com/kubernetes-incubator/cri-containerd/test/e2e/master.yaml,cri-containerd-configure-sh=${GOPATH}/src/github.com/kubernetes-incubator/cri-containerd/test/configure.sh"
export KUBE_NODE_EXTRA_METADATA="user-data=${GOPATH}/src/github.com/kubernetes-incubator/cri-containerd/test/e2e/node.yaml,cri-containerd-configure-sh=${GOPATH}/src/github.com/kubernetes-incubator/cri-containerd/test/configure.sh"
export KUBE_CONTAINER_RUNTIME="remote"
export KUBE_CONTAINER_RUNTIME_ENDPOINT="/var/run/cri-containerd.sock"
export KUBE_LOAD_IMAGE_COMMAND="/home/cri-containerd/usr/local/bin/cri-containerd load"
export NETWORK_POLICY_PROVIDER="calico"
```

Signed-off-by: Lantao Liu <lantaol@google.com>

```release-note
none
```
/cc @yujuhong @dchen1107 @feiskyer @mikebrow @abhi @mrunalp @runcom 
/cc @kubernetes/sig-node-pr-reviews
2017-11-02 18:01:19 -07:00
Kubernetes Submit Queue
52ec6f425b
Merge pull request #54838 from Random-Liu/fix-calico-network-policy
Automatic merge from submit-queue (batch tested with PRs 54488, 54838, 54964). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix calico network policy for opensource.

For https://github.com/kubernetes/features/issues/286

This PR:
1) Add `NON_MASTER_NODE_LABELS` env, and only apply calico node label on non-master nodes.
2) Set ip masq rules in cloud init, so that we don't need the ip masq agent. @dchen1107 @dnardo As we discussed.
3) Let master use `${NETWORK_PROVIDER}` instead of fixed cni, because we won't run calico node agent on master. The master network should be configured separately (kubenet by default).

With this PR, I could bring up a cluster with `NETWORK_POLICY_PROVIDER=calico` on GCE now.
```console
$ cluster/kubectl.sh get pods --all-namespaces
NAMESPACE     NAME                                                  READY     STATUS    RESTARTS   AGE
kube-system   calico-node-9bxbv                                     2/2       Running   0          13m
kube-system   calico-node-kjxtw                                     2/2       Running   0          13m
kube-system   calico-node-vertical-autoscaler-67fb4f45bd-hcjmw      1/1       Running   0          16m
kube-system   calico-node-xs2s2                                     2/2       Running   0          13m
kube-system   calico-typha-7c4d876ddf-d4dtx                         1/1       Running   0          15m
kube-system   calico-typha-horizontal-autoscaler-5f477cdc66-qwwph   1/1       Running   0          16m
kube-system   calico-typha-vertical-autoscaler-58f7d686f7-pn72s     1/1       Running   0          16m
kube-system   etcd-empty-dir-cleanup-e2e-test-lantaol-master        1/1       Running   0          16m
kube-system   etcd-server-e2e-test-lantaol-master                   1/1       Running   0          16m
kube-system   etcd-server-events-e2e-test-lantaol-master            1/1       Running   0          16m
kube-system   event-exporter-v0.1.7-9d4dbb69c-m76v5                 2/2       Running   0          16m
kube-system   fluentd-gcp-v2.0.10-25dmf                             2/2       Running   0          16m
kube-system   fluentd-gcp-v2.0.10-kgxsk                             2/2       Running   0          16m
kube-system   fluentd-gcp-v2.0.10-p75xg                             2/2       Running   0          16m
kube-system   fluentd-gcp-v2.0.10-xzh77                             2/2       Running   0          16m
kube-system   heapster-v1.5.0-beta.0-5cf4d9dff7-dmvm7               4/4       Running   0          13m
kube-system   kube-addon-manager-e2e-test-lantaol-master            1/1       Running   0          15m
kube-system   kube-apiserver-e2e-test-lantaol-master                1/1       Running   0          16m
kube-system   kube-controller-manager-e2e-test-lantaol-master       1/1       Running   0          16m
kube-system   kube-dns-79bdcb6c9f-2bpc8                             3/3       Running   0          15m
kube-system   kube-dns-79bdcb6c9f-gr686                             3/3       Running   0          16m
kube-system   kube-dns-autoscaler-996dcfc9d-pfs4s                   1/1       Running   0          16m
kube-system   kube-proxy-e2e-test-lantaol-minion-group-3khw         1/1       Running   0          16m
kube-system   kube-proxy-e2e-test-lantaol-minion-group-6878         1/1       Running   0          16m
kube-system   kube-proxy-e2e-test-lantaol-minion-group-j9rq         1/1       Running   0          16m
kube-system   kube-scheduler-e2e-test-lantaol-master                1/1       Running   0          16m
kube-system   kubernetes-dashboard-765c6f47bd-lsw5r                 1/1       Running   0          16m
kube-system   l7-default-backend-6d477bf555-x54zf                   1/1       Running   0          16m
kube-system   l7-lb-controller-v0.9.7-e2e-test-lantaol-master       1/1       Running   0          16m
kube-system   metrics-server-v0.2.0-9c4f8c48d-gkl79                 2/2       Running   0          13m
kube-system   monitoring-influxdb-grafana-v4-54df94856c-krkvb       2/2       Running   0          16m
kube-system   rescheduler-v0.3.1-e2e-test-lantaol-master            1/1       Running   0          16m
```

**Note that with this PR, master node will be using kubenet by default. And network policy will not apply on master node.**

**We need this to unblock `cri-containerd` integration with `kube-up.sh`.**
/cc @dchen1107 @dnardo Please take a look.
@kubernetes/sig-network-misc @kubernetes/sig-cluster-lifecycle-misc 

Signed-off-by: Lantao Liu <lantaol@google.com>

```release-note
None
```
2017-11-02 18:01:16 -07:00
Kubernetes Submit Queue
2084f7f4f3
Merge pull request #54488 from lichuqiang/plugin_base
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add admission handler for device resources allocation

**What this PR does / why we need it**:
Add admission handler for device resources allocation to fail fast during pod creation

**Which issue this PR fixes** 
fixes #51592

**Special notes for your reviewer**:
@jiayingz Sorry, there is something wrong with my branch in #51895. And I think the existing comments in the PR might be too long for others to view. So I closed it and opened the new one, as we have basically reach an agreement on the implement :)
I have covered the functionality and unit test part here, and would set about the e2e part ASAP

/cc @jiayingz @vishh @RenaudWasTaken 

**Release note**:

```release-note
NONE
```
2017-11-02 17:24:06 -07:00
Kubernetes Submit Queue
b3fa2aebe5
Merge pull request #55029 from mengqiy/discovery_client
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

discovery client not depend on pkg/api/legacyscheme

Switch kubectl's cached discovery client to use kubect's scheme (pkg/kubectl/scheme) which only registered with external version types.

The encoding and decoding here uses only `k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList` and `k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList` which are not internal version. So it should be safe.

```release-note
NONE
```

/assign @monopole
2017-11-02 16:44:12 -07:00
Kubernetes Submit Queue
9c41f9baf1
Merge pull request #50887 from netroby/patch-1
Automatic merge from submit-queue (batch tested with PRs 55016, 50887). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

If command.Execute() return err, print to stdErr

The current kube-proxy not print error if (execute() failed) . not so good and not so friendly to user.
If print err to stdError, will show us why it failed.
2017-11-02 15:40:15 -07:00
Kubernetes Submit Queue
fb67f84ed1
Merge pull request #55016 from mengqiy/cleanup_resouce_test
Automatic merge from submit-queue (batch tested with PRs 55016, 50887). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Cleanup resouce test

- Make client-go testing support decoding to external version
- Cleanup bad dependency of `pkg/kubectl/resource` pkg

```release-note
NONE
```

/assign @monopole @caesarxuchao
2017-11-02 15:40:12 -07:00
ymqytw
5557f2e444 discovery client not depend on pkg/api/legacyscheme 2017-11-02 14:59:21 -07:00
Lantao Liu
8279916c65 Fix calico network policy for opensource.
Signed-off-by: Lantao Liu <lantaol@google.com>
2017-11-02 21:56:46 +00:00
Kubernetes Submit Queue
dc35709eee
Merge pull request #54085 from yujuhong/checkpoint-pkg
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add a file store utility package in kubelet

More and more components checkpoints (i.e., persist their states) in
kubelet. Refurbish and move the implementation in dockershim to a
utility package to improve code reusability.
2017-11-02 13:50:16 -07:00
ymqytw
2872e53c03 cleanup kubectl/resource tests dependency 2017-11-02 13:06:07 -07:00
Kubernetes Submit Queue
3a15fdbe7e
Merge pull request #54643 from mtaufen/structure-manifest-url-header
Automatic merge from submit-queue (batch tested with PRs 52367, 53363, 54989, 54872, 54643). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Lift embedded structure out of ManifestURLHeader field

Related: #53833

```release-note
It is now possible to set multiple manifest url headers via the Kubelet's --manifest-url-header flag. Multiple headers for the same key will be added in the order provided. The ManifestURLHeader field in KubeletConfiguration object (kubeletconfig/v1alpha1) is now a map[string][]string, which facilitates writing JSON and YAML files.
```
2017-11-02 12:59:24 -07:00
Kubernetes Submit Queue
4e19b0fd22
Merge pull request #54872 from pwittrock/apply
Automatic merge from submit-queue (batch tested with PRs 52367, 53363, 54989, 54872, 54643). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Support retainkeys strategy for new merge code

- Some prefactoring for retainkeys
- Add retainkeys strategy


```release-note
NONE
```
2017-11-02 12:59:21 -07:00
Kubernetes Submit Queue
5f73021e25
Merge pull request #54989 from wackxu/reterr
Automatic merge from submit-queue (batch tested with PRs 52367, 53363, 54989, 54872, 54643). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

should check and return err when visit failure

**What this PR does / why we need it**:

should check and return err when visit failure

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-11-02 12:59:18 -07:00
Kubernetes Submit Queue
113ab743b8
Merge pull request #53363 from tcharding/genutils
Automatic merge from submit-queue (batch tested with PRs 52367, 53363, 54989, 54872, 54643). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

cmd: genutils: remove entry from .golint_failures

**What this PR does / why we need it**:

`golint` emits warnings

```
exported function OutDir should have comment or be unexported
strings should not be capitalized or end with punctuation or a newline
```

- Add documentation comment to exported function OutDir.
- Remove newline from error string.
- Remove `hack\.golint_failures` entry for `cmd/genutils`

**Special notes for your reviewer**:
   
Don't know which sig to use?

**Release note**:

```release-note
NONE
```

/kind cleanup
2017-11-02 12:59:16 -07:00
Kubernetes Submit Queue
96d81fe688
Merge pull request #52367 from tallclair/psp-config
Automatic merge from submit-queue (batch tested with PRs 52367, 53363, 54989, 54872, 54643). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Basic GCE PodSecurityPolicy Config

**What this PR does / why we need it**:

This PR lays the foundation for enabling PodSecurityPolicy in GCE and other default deployments. The 3 commits are:

1. Add policies, roles & bindings for the default addons on GCE.
2. Enable the PSP admission controller & load the addon policies when the`ENABLE_POD_SECURITY_POLICY=true` environment variable is set.
3. Support the PodSecurityPolicy in the E2E environment & add PSP tests.

NOTES:

- ~~Depends on https://github.com/kubernetes/kubernetes/pull/52301 for privileged capabilities~~
- ~~Depends on https://github.com/kubernetes/kubernetes/pull/52849 for sane mutations~~
- ~~Depends on https://github.com/kubernetes/kubernetes/pull/53479 for aggregator tests to pass~~
- ~~Depends on https://github.com/kubernetes/kubernetes/pull/54175 for dedicated fluentd service~~ account
- This PR is a fork of https://github.com/kubernetes/kubernetes/pull/46064, credit to @Q-Lee

**Which issue this PR fixes**: #43538

**Release note**:
```release-note
Add support for PodSecurityPolicy on GCE: `ENABLE_POD_SECURITY_POLICY=true` enables the admission controller, and installs policies for default addons.
```
2017-11-02 12:59:13 -07:00
Derek Carr
79a08a1c90 StopPodSandbox should not log when container is already removed 2017-11-02 15:12:25 -04:00
Kubernetes Submit Queue
55e216f56e
Merge pull request #54957 from apelisse/update-kube-openapi
Automatic merge from submit-queue (batch tested with PRs 55004, 54957). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Update kube-openapi to use validation

**What this PR does / why we need it**: Moves openapi validation code to kube-openapi, so that we can move the rest of the code to apimachinery repository, so that later we can use it from both the client and the server.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #Nothing

**Special notes for your reviewer**:

**Release note**:
```release-note
NONE
```
2017-11-02 11:17:33 -07:00
Kubernetes Submit Queue
6232f365ff
Merge pull request #55004 from ihmccreery/master-sysctl
Automatic merge from submit-queue (batch tested with PRs 55004, 54957). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Explicitly set route_localnet on nodes & masters.

Allow for loopback addresses to be used for routing, specifically to
enable metadata proxy on master nodes.



**What this PR does / why we need it**: Enables metadata proxy (#8867) to work on the master.  This is already being done on the nodes by kube-proxy, but this makes it explicit, and sets it on the master where kube-proxy doesn't run.  Thanks to @dnardo for figuring this out!

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: fixes #54736
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-11-02 11:17:30 -07:00
Krzysztof Jastrzebski
9c1e6d7de8 Node autoprovisioning e2e test. 2017-11-02 18:33:45 +01:00
Alexandros Kosiaris
4dddb8c6b3 Only parse ClusterCIDR, ServiceCIDR if AllocateNodeCIDRs
ClusterCIDR and ServiceCIDR are settings that are only used if at least
AllocateNodeCIDRs is set. The route controller requires in addition to
it for ConfigureCloudRoutes to be true as well. Since
AllocateNodeCIDRs is by default false, if guard the parsing of these
settings in order to not unnecessarily spam logs. Amend the
documentation of kube-controller-manager for the 2 settings to point
out the requirement of AllocateNodeCIDRs to be true as well
2017-11-02 19:25:03 +02:00
Phillip Wittrock
51d1da1e94 Support retainkeys strategy in new apply merge code 2017-11-02 10:00:56 -07:00
Antoine Pelisse
8f7262e819 Update kube-openapi to use validation 2017-11-02 09:25:03 -07:00