Commit Graph

65447 Commits

Author SHA1 Message Date
Kubernetes Submit Queue
f5a91f4173
Merge pull request #62807 from rpothier/kubeadm-cidr
Automatic merge from submit-queue (batch tested with PRs 63735, 62807). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Kubeadm: Update comments and UT to remove /66 restriction

**What this PR does / why we need it**:
The comments in cmd/kubeadm/app/phases/controlplane/manifests.go mention the
IPv6 /66 restriction, and the UT also refers to this.
This restriction was removed in PR#60089
This removes those comments and updates the UT

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #62806 

**Special notes for your reviewer**:

**Release note**:

```release-note-none

```
2018-05-14 10:19:21 -07:00
Kubernetes Submit Queue
f18e4d8b12
Merge pull request #63735 from neolit123/kubeadm-init-stdout-update
Automatic merge from submit-queue (batch tested with PRs 63735, 62807). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

kubeadm-init: update note about failing containers

**What this PR does / why we need it**:

This PR was merged before all requested changes
were applied:
kubernetes/pull/59731

Update the note about failing containers as requested here:
https://github.com/kubernetes/kubernetes/pull/59731#pullrequestreview-119517427

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
NONE

**Special notes for your reviewer**:
NONE

**Release note**:

```release-note
NONE
```
2018-05-14 10:19:18 -07:00
Lucas Käldström
8074a1987e
autogenerated bazel 2018-05-14 18:12:31 +01:00
Lucas Käldström
80a31d7a5a
Stop installing kubeadm types in the generic, legacy scheme 2018-05-14 18:11:30 +01:00
Ashley Gau
054b4a7978 check for new backend naming scheme 2018-05-14 09:58:21 -07:00
Lucas Käldström
04a7ca557c
kubeadm: Use the API machinery for marshalling 2018-05-14 17:56:22 +01:00
Eric Chiang
66f2622bb7
client-go: remove dep on pflag 2018-05-14 09:48:36 -07:00
Łukasz Osipiuk
ec0a9aae28 Add e2e test to verify that GPU pool is not scaled up if GPUs are not requested by pods 2018-05-14 18:16:37 +02:00
Kubernetes Submit Queue
c9591ee6cb
Merge pull request #63734 from liztio/kubeadm-marshal-tests
Automatic merge from submit-queue (batch tested with PRs 63783, 63734). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Kubeadm marshal tests

**What this PR does / why we need it**:

Adds tests for the marshalling utilities in kubeadm.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes: kubernetes/kubeadm#802

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-05-14 09:12:12 -07:00
Kubernetes Submit Queue
f3c84d71d8
Merge pull request #63783 from luxas/kubeadm_explicit_v1alpha1
Automatic merge from submit-queue (batch tested with PRs 63783, 63734). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Rename `kubeadmapiext` to the more explicit `kubeadmapiv1alpha1`

**What this PR does / why we need it**:

`kubeadmext` is somewhat confusing to those who read the code (although it means "the external API of kubeadm", which to some degree makes sense), so I'm swapping all references to it to the more explicit `kubeadmapiv1alpha1`. This change is needed given that we will support multiple external APIs.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Part of https://github.com/kubernetes/community/pull/2131

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
@kubernetes/sig-cluster-lifecycle-pr-reviews @liztio
2018-05-14 09:12:09 -07:00
Jason DeTiberus
187ef17ed8
kubeadm - do not generate etcd ca/certs for external etcd
Only generate the etcd CA and certificates if not configured for external
etcd.
2018-05-14 11:56:29 -04:00
David Eads
3af9e75950 switch to versioned objects only for set 2018-05-14 11:40:11 -04:00
Kubernetes Submit Queue
ff7abf2705
Merge pull request #63649 from dixudx/kubectl_flags_binding
Automatic merge from submit-queue (batch tested with PRs 63761, 63794, 63649). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

fix missing flag value bindings in kubectl

**What this PR does / why we need it**:
When working #63644, I find there are still some flag not bound correctly.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
xref #60366

**Special notes for your reviewer**:
/cc soltysh deads2k 
/cc kubernetes/sig-cli-api-reviews 
**Release note**:

```release-note
None
```
2018-05-14 07:59:11 -07:00
Kubernetes Submit Queue
1b1defb060
Merge pull request #63794 from hzxuzhonghu/tmp-5-14
Automatic merge from submit-queue (batch tested with PRs 63761, 63794, 63649). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

remove unused PrintFlags.Scheme

PrintFlags.Scheme is unused, remove it.

**Release note**:

```release-note
NONE
```
2018-05-14 07:59:08 -07:00
Kubernetes Submit Queue
d5a930bed4
Merge pull request #63761 from liggitt/aggregated-bootstrap-race
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Avoid copying aggregated admin/edit/view roles during bootstrap

Fixes #63760

At apiserver startup, prior to reconciling cluster roles, the following roles (if they exist) are copied:
* admin -> system:aggregate-to-admin
* edit -> system:aggregate-to-edit
* view -> system:aggregate-to-view

This was added in 1.9 as part of role aggregation to ensure custom permissions added to the admin/edit/view roles were preserved, prior to making the admin/edit/view roles aggregated (since the permissions of an aggregated role are controller-managed)

When starting multiple members of a new HA cluster simultaneously, the following race can occur:
* t=0, server 1,2,3 start up
* t=1, server 1 finds no admin/edit/view roles exist, begins role reconciliation and creates the aggregated `admin` role
* t=2, server 2 finds and copies the `admin` role created by server 1 to `system:aggregate-to-admin`

If this race is encountered, it results in `system:aggregate-to-admin` being an aggregated role, and its permissions subject to being overwritten by the aggregating controller. To prevent this from happening, the permission-preserving copy should only copy over roles that are not yet aggregated.

To correct this in clusters that have already encountered it, role reconciliation should remove aggregation from a role that is not expected to be aggregated at all.

```release-note
corrects a race condition in bootstrapping aggregated cluster roles in new HA clusters
```
2018-05-14 07:34:41 -07:00
wojtekt
bdd9492da0 Track number of registered watchers in apiserver 2018-05-14 15:10:42 +02:00
xuzhonghu
7e4014e02b remove unused PrintFlags.Scheme 2018-05-14 20:49:19 +08:00
Kubernetes Submit Queue
773def0194
Merge pull request #62563 from devdattakulkarni/client-go-details
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Updated README to include client-go<->controller diagram

The sample-controller makes extensive use of various mechanisms
available in client-go. For writing custom controllers/operators
it will be helpful if there is precise description of how the
client-go library works and how/where it interfaces with
custom controller code.

Recently we published a blog post with these details here:

https://medium.com/@cloudark/kubernetes-custom-controllers-b6c7d0668fdf

This patch includes the diagram from the post, as was recommended
by @sttts on https://github.com/kubernetes/sample-controller/issues/13



**What this PR does / why we need it**:

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note

```
2018-05-14 05:23:12 -07:00
Marek Siarkowicz
a1174b08a6 [prometheus addon] Add filter on image in tests to remove pod timeseries
New pod timeseries was introduced that has same labels for namespace and
pod_name resulting in doubling value in old query. New metric is not
based on containers so filtering on image solves that problem.
2018-05-14 13:56:32 +02:00
Lucas Käldström
68c68dfadc
Rename kubeadmapiext to the more explicit kubeadmapiv1alpha1 2018-05-14 12:31:48 +03:00
Dr. Stefan Schimanski
5d66dc9338 apiextensions: normalize CR validation to return multiple errors 2018-05-14 10:16:19 +02:00
m1093782566
029a16a1eb fix review comments 2018-05-14 16:07:13 +08:00
Kubernetes Submit Queue
e34df0a26c
Merge pull request #63585 from islinwb/ipset_comment
Automatic merge from submit-queue (batch tested with PRs 62833, 63585). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add comments for ipset entries in kube-proxy

**What this PR does / why we need it**:

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #63584 

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-05-14 00:49:05 -07:00
Kubernetes Submit Queue
0989967374
Merge pull request #62833 from charrywanganthony/log_rotation
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add necessary explanation for container log rotation.

**What this PR does / why we need it**:
#59898
> Container log manager only starts when the container runtime is remote (not docker), because we can't implement ReopenContainerLog for docker.

**Release note**:
```release-note
NONE
```
2018-05-14 00:07:15 -07:00
Di Xu
e8ef744493 fix missing flag value bindings in kubectl 2018-05-14 14:38:54 +08:00
Kubernetes Submit Queue
e24fd8efb1
Merge pull request #62040 from ianychoi/korean-translation
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Adds initial Korean translations for kubectl

**What this PR does / why we need it**:
This PR provides a first attempt to translate kubectl in Korean (related to #51867, #40645, #45573, #45562, #40591, #46559, #50155).

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
No issues

**Special notes for your reviewer**:
This PR requires Korean people to assist in the review. I am native in Korean and also a translator & reviewer in Korean in OpenStack I18n team (http://stackalytics.com/?metric=translations&user_id=ianychoi ).

**Release note**:
```release-note
Adding initial Korean translation for kubectl
```
2018-05-13 22:27:40 -07:00
Kubernetes Submit Queue
9f7348ed50
Merge pull request #63230 from WanLinghao/sa_util_fix
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

clean duplicate test function

**What this PR does / why we need it**:
As the patch shows, the function it tests has been moved to 
b87a392b1a/staging/src/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go (L43)
 The make/split function has been tested on file b87a392b1a/staging/src/k8s.io/apiserver/pkg/authentication/serviceaccount/util_test.go (L21)

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-05-13 20:07:24 -07:00
Jordan Liggitt
a674335ccc
Avoid copying aggregated admin/edit/view roles during bootstrap 2018-05-13 15:21:05 -04:00
Kubernetes Submit Queue
2fd9d8654e
Merge pull request #63740 from dims/control-exactly-what-we-use-in-kubeadm
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Control exactly what we use in kubeadm

**What this PR does / why we need it**:

we recently got rid of extra arg validation for preflight check:
9f21f5dd1e

the import-boss configuration will help us control exactly what
gets added/used in kubeadm. In this PR, we add a white-list of
the exact packages we use currently.

We will need to review these, make new PR(s) to  eliminate things
we don't want to be depending on (just like the cloud provider related code).

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note

```
2018-05-13 11:29:36 -07:00
Davanum Srinivas
00aeecd712 Control exactly what we use in kubeadm
we recently got rid of extra arg validation for preflight check:
9f21f5dd1e

the import-boss configuration will help us control exactly what
gets added/used in kubeadm. In this PR, we add a white-list of
the exact packages we use currently.

We will need to review these, make new PR(s) to  eliminate things
we don't want to be depending on (just like the cloud provider related code).
2018-05-12 21:55:56 -04:00
Kubernetes Submit Queue
feeee50363
Merge pull request #63551 from luxas/revisit_kubeadm_owners
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Revisit the OWNERS file for kubeadm

**What this PR does / why we need it**:

The OWNERS file for kubeadm is getting a little bit stale. As discussed in today's SIG Cluster Lifecycle meeting, we're gonna update it with the currently active contributors.

**Special notes for your reviewer**:

Every person that is involved here, please ACK and LGTM the change.

@jbeda removed from approvers
@krousey removed from approvers/reviewers
@fabriziopandini graduated to an approver
@dmmcquay removed from reviewers
@jamiehannaford removed from reviewers
@kargakis removed from reviewers
@liztio added to reviewers
@chuckha added to reviewers
@detiber added to reviewers
@stealthybox added to reviewers
@dixudx added to reviewers

Thank you everyone for your contributions 👏 (no one can't maintain something forever), and congratulations and welcome everyone with a new role, happy to have you here 👍!

**Release note**:

```release-note
NONE
```
cc @kubernetes/sig-cluster-lifecycle-pr-reviews
2018-05-12 00:58:12 -07:00
Kubernetes Submit Queue
163cddf203
Merge pull request #63743 from liggitt/e2e-auth-plugins
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

register client-go auth plugins for e2e

e2e depends on use of the gcp client-go auth provider, but did not explicitly register the auth provider. it indirectly imported the plugins via a roundabout chain (see https://github.com/kubernetes/kubernetes/issues/63731#issuecomment-388529120) which broke when those imports were trimmed in https://github.com/kubernetes/kubernetes/pull/63673

if e2e requires these auth plugins, it should include them explicitly in the top-level test package

fixes #63731

```release-note
NONE
```
2018-05-11 23:20:50 -07:00
ravisantoshgudimetla
f20bd00ab2 Generated 2018-05-12 02:01:09 -04:00
ravisantoshgudimetla
1db5990013 Move scheduling api to beta 2018-05-12 02:01:04 -04:00
Jordan Liggitt
eea04411c0
register client-go auth plugins for e2e 2018-05-12 00:46:51 -04:00
Kubernetes Submit Queue
4725f07dc5
Merge pull request #63643 from k82cn/rm_ns_dstest
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Removed unused namespace in UT helper func.

Signed-off-by: Da K. Ma <klaus1982.cn@gmail.com>

**Release note**:
```release-note
None
```
2018-05-11 21:07:44 -07:00
Kubernetes Submit Queue
c9b56e6a7a
Merge pull request #63582 from WanLinghao/sa_var_clean
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

clean unused variables on serviceaccounts_controller_test.go

**What this PR does / why we need it**:
this patch simply removes unused variables 
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-05-11 20:00:05 -07:00
Ian Y. Choi
856110a21c Adds initial Korean translations for kubectl 2018-05-12 11:16:49 +09:00
Kubernetes Submit Queue
0407eaa536
Merge pull request #63736 from thockin/bad_sleep_duration
Automatic merge from submit-queue (batch tested with PRs 63686, 63736). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix bad sleep - int as duration

Sleep(2) is probably not what was intended.

**Release note**:
```release-note
NONE
```
2018-05-11 19:09:18 -07:00
Kubernetes Submit Queue
f7ccaae269
Merge pull request #63686 from dougm/deprecate-photon
Automatic merge from submit-queue (batch tested with PRs 63686, 63736). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Deprecate photon cloud provider

vmware/photon-controller is no longer maintained, as of Oct 2017.

Adds a detail field to deprecatedCloudProviders, meant for pointing to external provider url or other reason for deprecation.



**What this PR does / why we need it**:

The photon cloud provider is no longer supported, need to let users know.

Photon controller support has already been removed from kube-up in PR #58096

**Release note**:

```release-note
NONE
```
2018-05-11 19:09:15 -07:00
Da K. Ma
2dc5266e84 Removed unused namespace in UT helper func.
Signed-off-by: Da K. Ma <klaus1982.cn@gmail.com>
2018-05-12 08:47:09 +08:00
Kubernetes Submit Queue
4c09441a5d
Merge pull request #60931 from neolit123/test-completion
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

 kubeadm: add test coverage to completion.go

**What this PR does / why we need it**:
Add `completion_test.go` with the following tests:
- TestNewCmdCompletion
- TestRunCompletion

A separate commit exports the function GetSupportedShells() to obtain the list of supported shells.

Test coverage is at 96%. The only untested bit is an `io.Writer.Write()` call in `RunCompletion()`. in the case of `bytes.Buffer` it would panic and/or always return `nil` for `error`.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:

NONE

**Special notes for your reviewer**:

NONE

**Release note**:

```release-note
NONE
```
2018-05-11 16:33:43 -07:00
Lubomir I. Ivanov
af44aa1491 kubeadm-init: update note about failing containers
This PR was merged before all requested changes
were applied:
kubernetes/pull/59731

Update the note about failing containers as requested here:
https://github.com/kubernetes/kubernetes/pull/59731#pullrequestreview-119517427
2018-05-12 02:26:10 +03:00
Mike Danese
a5d2ca8c55 validation: improve ProjectedVolume validation errors
* only report "may not specify more than 1 volume type" once
* fix incorrectly reported field paths
* continue to traverse into projections to report further errors.
2018-05-11 15:57:41 -07:00
Mike Danese
500893cf99 validation: allow multiple errors in Volume validation test 2018-05-11 15:57:41 -07:00
Kubernetes Submit Queue
6017f6daef
Merge pull request #63170 from micahhausler/node-ip-fix
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Report node DNS info with --node-ip

**What this PR does / why we need it**:
This PR adds `ExternalDNS`, `InternalDNS`, and `ExternalIP` info for kubelets with the `--nodeip` flag enabled. 

**Which issue(s) this PR fixes** 
Fixes #63158

**Special notes for your reviewer**:

I added a field to the Kubelet to make IP validation more testable (`validateNodeIP` relies on the `net` package and the IP address of the host that is executing the test.) I also converted the test to use a table so new cases could be added more easily.

**Release Notes**
```release-note
Report node DNS info with --node-ip flag
```

@andrewsykim
@nckturner 

/sig node
/sig network
2018-05-11 15:46:35 -07:00
Tim Hockin
9b36dd5c6d Fix bad sleep - int as duration 2018-05-11 15:40:12 -07:00
Devdatta Kulkarni
3e22383a8a Added documentation of how client-go interfaces with custom controller code
**What this PR does / why we need it**:

The sample-controller makes extensive use of various mechanisms
available in the client-go library. For writing custom controllers/operators
it will be helpful if there is precise description of how the
client-go library works and how/where it interfaces with
custom controller code.

This patch adds documentation that sheds light on how (parts) of the
client-go library work and its interaction-points with
controller code. The documentation and the diagram comes from [1],
(link included here for reference purpose).

[1] https://medium.com/@cloudark/kubernetes-custom-controllers-b6c7d0668fdf

Contributing the diagram and the writeup was recommended by
by @sttts and @nikhita on https://github.com/kubernetes/sample-controller/issues/13

**Release note**:

```release-note
NONE
```
2018-05-11 17:04:03 -05:00
liz
bed8658542
Tests for kubeadm marshal utilities 2018-05-11 17:50:41 -04:00
liz
43241992fc
Generated artefacts 2018-05-11 17:50:41 -04:00