Automatic merge from submit-queue (batch tested with PRs 38741, 41301, 43645, 43779, 42337)
Plumb cipher/tls version serving options
Needed to allow servers to harden or relax default tls versions and ciphers
Automatic merge from submit-queue (batch tested with PRs 38741, 41301, 43645, 43779, 42337)
If we already have the right version of gazel installed, use it
**What this PR does / why we need it**: makes the bazel scripts marginally faster by only downloading/building gazel when necessary. Also removes the `followRedirects` config setting for gopkg.in which is no longer needed.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 38741, 41301, 43645, 43779, 42337)
De-Flake PersistentVolume E2E: Isolate resources with selectors
PersistentVolume tests continue to flake because tests Claims often bind to other, parallel tests' volumes. This is addressed by isolating test resource with selector labels specific to each test namespace. Doing so enables deterministic binding within each test space and allows tests to run in parallel.
1. Assign selector label to volumes and claims per test.
2. Remove `[Serial]` tag
cc @jeffvance
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 38741, 41301, 43645, 43779, 42337)
replicaset adopt and release e2e tests
**What this PR does / why we need it**: adds e2e tests for replicaset pod adoption and release
**Which issue this PR fixes** fixes#39962
**Special notes for your reviewer**: for adoption pod is created, a replicaset with a selector matching the pod's label is created and then we check for the pod being in the list of pods of the replicaset. For release, a replicaset with two replicas is created, the label of one of them is patched and then we check that that pod is no longer in the list of pods of the replicaset.
For checking the list of pods the `framework.PodsCreated` is used, maybe the name is not very adecuate given that it is used to return the pods belonging to one replicaset, no matter how they were created. Also, the patching is done through `framework.KubectlOrDie`, not sure if this is better that calling the API directly.
cc @liggitt
Automatic merge from submit-queue
validate activeDeadlineSeconds in rs/rc
**What this PR does / why we need it**:
if setting activeDeadlineSeconds, deployment will continuously created new pods after old pod dies.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#38684
**Special notes for your reviewer**:
**Release note**:
```release-note
ActiveDeadlineSeconds is validated in workload controllers now, make sure it's not set anywhere (it shouldn't be set by default and having it set means your controller will restart the Pods at some point)
```
Automatic merge from submit-queue (batch tested with PRs 41135, 43699)
azure: reduce polling delay for all Azure clients
**What this PR does / why we need it**: Reduces the polling delay for all azure clients to 5 seconds. This should speed up some additional operations at the cost of some quota.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: n/a
**Special notes for your reviewer**: This stacks on top of #43697, please only look at latest commit. Alternatively I can rebase this on top of master.
**Release note**:
```release-note
azure: all clients poll duration is now 5 seconds
```
I don't think the StorageClient polls anywhere, and it's a different type of client, so I didn't touch it.
Automatic merge from submit-queue
chore (samples): Don't cache apks at all in Dockerfiles
**What this PR does / why we need it**:
It simplifies the sample Dockerfiles somewhat.
https://github.com/gliderlabs/docker-alpine/blob/master/docs/usage.md#disabling-cache
**Special notes for your reviewer**:
While I'm here, any reason the Redis sample doesn't use the official Redis image from Dockerhub?
**Release note**:
```release-note
```
Automatic merge from submit-queue
fix deleted typos
**What this PR does / why we need it**:
**Which issue this PR fixes** :
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Automatic merge from submit-queue
Fix the ginkgo nocolor parameter
When running the e2e tests in parallel, the ginkgo nocolor is not
honored and produces a colored output. This change fixes this issue
(#42793).
**What this PR does / why we need it**:
It fixes the ginkgo color parameter when running e2e tests in parallel.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#42793
**Special notes for your reviewer**:
It seems there is a missing bit in ginkgo-e2e.sh so I added it.
**Release note**:
```release-note
```
Automatic merge from submit-queue
Fixes markdown links in CHANGELOG for 1.6 and 1.5
**What this PR does / why we need it**:
Fixes broken markdown links in `CHANGELOG` for `v1.5`, `v1.6` sections
**Special notes for your reviewer**:
None
**Release note**:
`NONE`
Automatic merge from submit-queue
Update busybox dependency to fix bazel build
**What this PR does / why we need it**: the upstream busybox deb has been updated, and the old one no longer exists. This fixes the bazel build for users who haven't already downloaded the old deb into their workspace.
**Special notes for your reviewer**: we really need to figure out a better long-term strategy for this. The release branches are broken now too, and I don't want to have to cherry-pick fixes like this everywhere.
**Release note**:
```release-note
NONE
```
/assign @mikedanese @spxtr
Automatic merge from submit-queue
README examples updated
**What this PR does / why we need it**:
- The table in the readme for /examples seemed broken.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
- #43763
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Comments, log lines, exported MakePersistentVolume
Moved pv/pvcConfig assignment out of diskName check, nil ptrs and configs afterEach
change label/selector code to use k8s defined types from generic string:string maps
adjust for gce refactor
Automatic merge from submit-queue (batch tested with PRs 43518, 42467)
install/kube-up: fix some errors while install k8s through kube-up/down.sh
What this PR does / why we need it:
etcd2.3.1 will be installed follow this scripts, but k8s use etcd3 as default storage backend, so the next error will always be apprear:
API server: rpc error: code = 13 desc = transport is closing
so i think we should change the version of etcd
thank you!
Automatic merge from submit-queue
unit test for kubectl config unset
**What this PR does / why we need it**:
unit test for kubectl config unset
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
think you
**Release note**:
```release-note
```
Automatic merge from submit-queue
addressing issue #39427 adding a flag --output to 'kubectl version'
**What this PR does / why we need it**:
Addressing Issue https://github.com/kubernetes/kubernetes/issues/39427 we all
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#39427
**Release note**:
```
kubectl version has new flag --output (=json or yaml) allowing result of the command to be parsed in either json format or yaml.
```
Automatic merge from submit-queue (batch tested with PRs 40885, 43623, 43735)
Use "hack/godep-restore.sh" instead of "godep restore"
Now we get errors when run "godep restore".
So we need to update the help message.
@derekwaynecarr
**Special notes for your reviewer**:
**Release note**:
```NONE
```
Automatic merge from submit-queue
Extract GCEPD pv tests
**What this PR does / why we need it**:
This is strictly a refactor moving the GCEPD suite in Persistent Volumes E2E to it's own file. This will make future provider specific additions to pv testing much more organized and readable. It will also enable a smoother transition to providers moving out of tree by consolidating related tests.
```release-note
NONE
```
updating with PR changes requested.
latest changes to having short for human readable only, and error cases moved a bit to the end.
rebase fixes
latest pr. changes.
small change moving return nil out of switch.
updated the nil check for the error in the humanreadable case.
more optimization in humanreadable code.
pushed up current test changes, this is purely temporary
finished writing tests
updated test and function names.
changed output extensions from .sh to output.
updated version, version struct now just called Version and not VersionObj.
made a few changes to testing.
fixed testing issues, created better test and cleanup
go format change.
Automatic merge from submit-queue
Volume Provisioning E2E: test PVC delete causes PV delete
**What this PR does / why we need it**:
Test for a regression addressed in #21268. There was a case where the PVC being created and deleted quickly may result in a provisioned PV left behind as `Available.`
```release-note
NONE
```
cc @jeffvance
Automatic merge from submit-queue
Centos provider: generate SSL certificates for etcd cluster.
**What this PR does / why we need it**:
Support secure etcd cluster for centos provider, generate SSL certificates for etcd in default. Running it w/o SSL is exposing cluster data to everyone and is not recommended. [#39462](https://github.com/kubernetes/kubernetes/pull/39462#issuecomment-271601547)
/cc @jszczepkowski @zmerlynn
**Release note**:
```release-note
Support secure etcd cluster for centos provider.
```
Removed wait for PVC phase Pending.
iterate test 100 times to increase chance of regression
Moved claim obj assignment out of loop.
add wait loop check for PVs
loop until no PVs detected
refactor per git comments
replace api calls with framework wrappers
add default suffix
When running the e2e tests in parallel, the ginkgo nocolor is not
honored and produces a colored output. This change adds the
GINKGO_NO_COLOR environment variable.
Automatic merge from submit-queue (batch tested with PRs 41541, 43710)
Admission plugin initializer for the generic API server.
**What this PR does / why we need it**:
This PR implements a standard admission plugin initializer for the generic API server.
The initializer uses kubeconfig to populate external clients and informers. By default
in-cluster config is used.
**Special notes for your reviewer**:
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/apiserver-build-in-admission-plugins.md
**Release note**: NONE
```release-note
```
Automatic merge from submit-queue
Update algorithm of equivalence class cache predicates
NOTE: This is the first two commits of #36238
**What's in this PR:**
1. Definition of equivalence class
2. An update of `equivalence_cache.go` algorithms to implement enable/disable equivalence cache for individual predicate
3. Added equivalence class data structure to `Generic Scheduler` but did not initialize it. This is used to show how we will use equivalence class when scheduling.
**Why I did this:**
Although #36238 has been finished for a period of time, we found it's still very hard to review, because it mixed 1) definition of equivalence class, 2) how to use equivalence cache, and 3) how to keep this cache up-to-date, 4) e2e tests to verify (3) works.
So reviewers are easily distracted by different technical points like `hash algorithms`, `how to properly use Informer` etc, left the more important equivalence algorithms untouched.
So this PR I only includes 1) and 2), leaves updating this cache in #36238. I can see this part is totally independent from the rest part of it. So we can definitely review this equivalence strategies first.
cc @kubernetes/sig-scheduling-pr-reviews @davidopp @jayunit100 @wojtek-t
