Automatic merge from submit-queue (batch tested with PRs 48572, 48838, 48931, 48783, 47090)
kubeadm: add a warning about the default token TTL changing in 1.8
**What this PR does / why we need it**:
This adds a warning to `kubeadm init` and `kubeadm token create` if they are run without the `--token-ttl` / `--ttl` flags. In 1.7 and before, the tokens generated by these commands defaulted to an infinite TTL (no expiration) in 1.8, they will generate a token with a 24 hour TTL.
The actual default change is in https://github.com/kubernetes/kubernetes/pull/48783. This change is separate so we can cherry pick the warning into the `release-1.7` branch.
**Which issue this PR fixes**: ref https://github.com/kubernetes/kubeadm/issues/343
**Special notes for your reviewer**:
This change is blocked on https://github.com/kubernetes/kubeadm/issues/343. These warnings should probably be removed in the 1.9 cycle.
**Release note**:
```release-note
Add a runtime warning about the kubeadm default token TTL changes in 1.8.
```
/assign @luxas
Automatic merge from submit-queue
Azure PD (Managed/Blob)
This is exactly the same code as this [PR](https://github.com/kubernetes/kubernetes/pull/41950). It has a clean set of generated items. We created a separate PR to accelerate the accept/merge the PR
CC @colemickens
CC @brendandburns
**What this PR does / why we need it**:
1. Adds K8S support for Azure Managed Disks.
2. Adds support for dedicated blob disks (1:1 to storage account) in addition to shared blob disks (n:1 to storage account).
3. Automatically manages the underlying storage accounts. New storage accounts are created at 50% utilization. Max is 100 disks, 60 disks per storage account.
2. Addresses the current issues with Blob Disks:
..* Significantly faster attach process. Disks are now usually available for pods on nodes under 30 sec if formatted, under a min if not formatted.
..* Adds support to move disks between nodes.
..* Adds consistent attach/detach behavior, checks if the disk is leased/attached on a different node before attempting to attach to target nodes.
..* Fixes a random hang behavior on Azure VMs during mount/format (for both blob + managed disks).
..* Fixes a potential conflict by avoiding the use of disk names for mount paths. The new plugin uses hashed disk uri for mount path.
The existing AzureDisk is used as is. Additional "kind" property was added allowing the user to decide if the pd will be shared, dedicated or managed (Azure Managed Disks are used).
Due to the change in mounting paths, existing PDs need to be recreated as PV or PVCs on the new plugin.
Automatic merge from submit-queue
Redirect all files in /examples folder to kubernetes/examples repo
**What this PR does / why we need it**:
Examples are being moved to their own repository: https://github.com/kubernetes/examples
We need to remove them from the main repo , but first we need to keep a redirect.
This is a *big* organizational change, but nothing technical (aside from e2e tests)
**Which issue this PR fixes**
fixes part of #24343
**Special notes for your reviewer**:
WIP, I still need to figure out what to do with the BUILD script and tests, plus take care of the e2e tests that use some of these examples.
**release notes**
```release-note
Redirect all examples README to the the kubernetes/examples repo
```
Automatic merge from submit-queue
kubeadm: fix broken `kubeadm init --config` flag
**What this PR does / why we need it**:
This code was changed in ea196490a0 (https://github.com/kubernetes/kubernetes/pull/43558) to validate that `--config` wasn't passed along with other flags. Unfortunately, the implementation was checking `PersistentFlags()`, which was not parsed at the point it was being validated.
The fix is to use `Flags()` instead, which contains the expected data.
**Which issue this PR fixes** fixes https://github.com/kubernetes/kubeadm/issues/345
**Special notes for your reviewer**:
This is a regression that was cherry picked (https://github.com/kubernetes/kubernetes/pull/48577) into the `release-1.7` branch. We should fix this before the next 1.7 point release.
This is awkward to unit test without restructuring the code. I think this command parsing code would be a good candidate for some higher level tests.
**Release note**:
```release-note
Fix a regression that broke the `--config` flag for `kubeadm init`.
```
/assign @luxas
This adds a warning to `kubeadm init` and `kubeadm token create` if they are run without the `--token-ttl` / `--ttl` flags. In 1.7 and before, the tokens generated by these commands defaulted to an infinite TTL (no expiration) in 1.8, they will generate a token with a 24 hour TTL.
The actual default change is in https://github.com/kubernetes/kubernetes/pull/48783. This change is separate so we can cherry pick the warning into the release-1.7 branch.
Automatic merge from submit-queue
Split out max_density test and add owners to other perf tests
@rrati - IIRC you're the one who added max-density test and promised to look after it. I split it out of the main density.go, so it'd be clear that this one is not owned by us.
cc @kubernetes/sig-scalability-misc
Automatic merge from submit-queue (batch tested with PRs 48812, 48276)
client-go support IPv6 addresses for PortForwarder getListener()
Currently, client-go requires that an IPv6 address string for hostname has
square brackets surrounding, so that it can be used with address:port in
an API request.
This change, removes that requirement, and has getListener() add the
square brackets, if needed. If the hostname is a name, an IPv4 address
string, or an IPv6 address already with square brackets, no change is made.
Decided to change here, rather than everywhere client-go is used (thinking
that there may be places where we DON'T want the square brackets applied).
This issue was found in kubelet, which, at startup, creates a listener for
services and nodes. If an IPv6 address is used, the URI was malformed.
**What this PR does / why we need it**:
Ensures that client-go will handle IPv6 addresses as hostnames, without any special encoding by caller.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#48225
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48812, 48276)
Change fluentd-gcp monitoring to use metrics exposed by SD plugin
Following https://github.com/GoogleCloudPlatform/fluent-plugin-google-cloud/pull/135, make fluentd-gcp expose metrics in Prometheus registry and use them instead of counting records in the pipeline.
/cc @piosz @igorpeshansky
```release-note
Fluentd-gcp DaemonSet exposes different set of metrics.
```
Automatic merge from submit-queue (batch tested with PRs 48864, 48651, 47703)
Do not persist SelfLink into etcd storage
This behavior regressed in an earlier release. Clearing the self link reduces the size of the stored object by a small amount and keeps etcd marginally cleaner. Add tests to verify that Create and Update result in no SelfLink stored in etcd.
Automatic merge from submit-queue (batch tested with PRs 48864, 48651, 47703)
Enable logexporter mechanism to dump logs from k8s nodes to GCS directly
Ref https://github.com/kubernetes/kubernetes/issues/48513
This adds support for logexporter from k8s side. Next I'll send a PR adding support from test-infra side.
/cc @kubernetes/sig-scalability-misc @kubernetes/test-infra-maintainers @fejta @wojtek-t @gmarek
Automatic merge from submit-queue
Fixed cluster validation for multizonal clusters.
Fixed cluster validation for multizonal clusters.
This should fix HA master e2e tests.
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 46748, 48826)
Added `CriticalAddonsOnly` toleration for npd.
**What this PR does / why we need it**:
We should add `CriticalAddonsOnly` toleration to make sure the daemonset can be scheduled on the node even if already planned to run critical pod.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#47015
**Special notes for your reviewer**:
**Release note**:
```release-note
none
```
Automatic merge from submit-queue
Revert workaround in PR 46246 as APIs have been consistent
**What this PR does / why we need it**:
No need to convert v1.ObjectReference as APIs have been consistent in `k8s.io/api/core/v1`.
**Which issue this PR fixes** : fixes#48668
**Special notes for your reviewer**:
/assign @derekwaynecarr @caesarxuchao
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48082, 48815, 48901, 48824)
Import kubectl tests in e2e_test.go so they start running.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48082, 48815, 48901, 48824)
mountpath should be absolute
**What this PR does / why we need it**:
Should validate the mountpath before mounting to container. Docker forbids mounting to a relative path inside the container.
**Which issue this PR fixes** : fixes#48749
**Special notes for your reviewer**:
**Release note**:
```release-note
MountPath should be absolute
```
Automatic merge from submit-queue (batch tested with PRs 48082, 48815, 48901, 48824)
Changes for typecasting node in drain
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#48059
**Special notes for your reviewer**:
Precursor to #44944
**Release note**:
```release-note
kubectl drain now uses PATCH instead of PUT to update the node. The node object is now of type v1 instead of using internal api.
```
Automatic merge from submit-queue
Use t.Fatalf instead
**What this PR does / why we need it**:
we can use t.Fatalf to take place of t.Errorf + t.FailNow()
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Add OWNERS file to kubelet gpu package
GPU support is ramping up and we do not have a lot of reviewers that
are familiar with the codebase. I added myself as a reviewer and
copied a few people from the kubelet OWNERS file as approvers.
Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
**Release note**:
```
NONE
```
Automatic merge from submit-queue
Properly nest code blocks
**What this PR does / why we need it**:
Markdown code blocks are adjusted to better display on GitHub. See [rendered](c3fbec7663/cluster/addons/cluster-loadbalancing/glbc/README.md) version.
**Release note**:
```release-note
Adjust markdown code block in README for Google Load Balancer addon.
```
Automatic merge from submit-queue
Update docs for user-guide
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Updated comments of func in testapi.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #N/A
**Special notes for your reviewer**:
**Release note**:
```release-note-none
```
Automatic merge from submit-queue
add dockershim checkpoint node e2e test
Add a bunch of disruptive cases to test kubelet/dockershim's checkpoint work flow.
Some steps are quite hacky. Not sure if there is better ways to do things.
Automatic merge from submit-queue (batch tested with PRs 47999, 47890)
[Federation] Update namespace support to use the sync controller
This PR moves namespaces to use the sync controller.
cc: @kubernetes/sig-federation-pr-reviews
Automatic merge from submit-queue (batch tested with PRs 47999, 47890)
LocalPV e2e test with two pods writing/reading to a shared file on one PVC
**What this PR does / why we need it**:
This PR adds an e2e test where one pod writes to a localPV and another reads from it. This e2e test is for the PersistentLocalVolumes alpha feature.
**Which issue this PR fixes**: fixes https://github.com/kubernetes/kubernetes/issues/48832
**Special notes for your reviewer**:
You need to setup the PersistentLocalVolumes feature-gate and NODE_LOCAL_SSDS environment variable.
For example:
```
KUBE_FEATURE_GATES="PersistentLocalVolumes=true" NODE_LOCAL_SSDS=1 go run hack/e2e.go -- -v --up
go run hack/e2e.go -- -v --test --test_args="--ginkgo.focus=\[Feature:LocalPersistentVolumes\]"
```
**Release note**:
```release-note
NONE
```
This code was changed in ea196490a0 to validate that `--config` wasn't passed along with other flags. Unfortunately, the implementation was checking `PersistentFlags()`, which was not parsed at the point it was being validated. The result was that `--config` was _always_ rejected, not just when it was specified alongside other flags.
The fix is to use `Flags()` instead, which contains the expected data.
Currently, client-go requires that an IPv6 address string for hostname has
square brackets surrounding, so that it can be used with address:port in
an API request.
This change, removes that requirement, and has getListener() add the
square brackets for IPv6 addresses for hosts. If IPv4 or hostname, the name
will not be modified.
Decided to change here, rather than everywhere client-go is used (thinking
that there may be places where we DON'T want the square brackets applied).
This issue was found in kubelet, which, at startup, creates a listener for
services and nodes. If an IPv6 address is used, the URI was malformed.
This behavior regressed in an earlier release. Clearing the self link
ensures that a new version is always written and reduces the size of the
stored object by a small amount. Add tests to verify that Create and
Update result in no SelfLink stored in etcd.
Automatic merge from submit-queue (batch tested with PRs 48555, 48849)
GCE: Fix panic when service loadbalancer has static IP address
Fixes#48848
```release-note
Fix service controller crash loop when Service with GCP LoadBalancer uses static IP (#48848, @nicksardo)
```
