Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fixed the lease endpoint reconciler creation of kubernetes endpoint and lease file ttl. #53803
Fixed the prefix used to create the kubernetes endpoint and the ttl value used for lease files.
Fixes: #53803
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
update admission webhook to accept client config
Fixes https://github.com/kubernetes/kubernetes/issues/53827
This plumbs a complete client through the plugin initializer for admission webhooks. It achieves parity with our existing webhooks and provides flexibility if people want to do something special or different. Easy things are easy, hard things are possible. This does not change behavior for kube-apiserver.
@kubernetes/sig-auth-api-reviews @kubernetes/sig-api-machinery-bugs
Automatic merge from submit-queue (batch tested with PRs 54145, 53821). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Added PreStopHooks to apiserver to allow clean shutdown.
BootStrapController now registers a PreStopHook to clean up the kubernetes service endpoints. The PreStopHooks allow the apiserver to shutdown cleanly under a controlled shutdown case. The BootStrapController's PreStopHook will clean up after itself by removing the apiserver from the list of IPs in the kubernetes service.
fixes#53438
Automatic merge from submit-queue (batch tested with PRs 54145, 53821). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add url path for admission webhooks
Fixes https://github.com/kubernetes/kubernetes/issues/53826
Adds an optional field to admission webhook registration that allows a user to specify a path to post to. This achieves parity with other webhooks.
Each segment is required to be a dns subdomain, which mirrors url rules for groups.
@kubernetes/api-reviewers
```release-note
admission webhook registration now allows URL paths
```
Automatic merge from submit-queue (batch tested with PRs 54154, 54192). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Versioned busybox docker image
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#53942
**Special notes for your reviewer**:
**Release note**:
```NONE
```
Automatic merge from submit-queue (batch tested with PRs 52753, 54034, 53982, 54209). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
stopCh should be passed to route-controller main goroutine
**What this PR does / why we need it**:
currently neverstop channel is used, stopCh should be used
```
go wait.NonSlidingUntil(func() {
if err := rc.reconcileNodeRoutes(); err != nil {
glog.Errorf("Couldn't reconcile node routes: %v", err)
}
}, syncPeriod, wait.NeverStop)
```
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 52753, 54034, 53982, 54209). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Make test case description more accurate.
**What this PR does / why we need it**:
Make test case description more accurate. This test case tests the GCE persistent disk instead of the general one, change the name to make it consistent with AWS/Azure/ISCSI test cases.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
NONE
**Special notes for your reviewer**:
NONE
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 52753, 54034, 53982, 54209). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
use multi-arch busybox for e2e
**What this PR does / why we need it**:
Since [multi-arch is supported already for Official images on Dockerhub](https://blog.docker.com/2017/09/docker-official-images-now-multi-platform/), we can use `busybox` directly instead of having our own `GetBusyBoxImage` for multi-arch.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
xref #53958
**Special notes for your reviewer**:
/assign @mkumatag @ixdy
**Release note**:
```release-note
Use multi-arch busybox image for e2e
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
sample-controller: add example CRD controller
**What this PR does / why we need it**:
Adds a sample-controller example repository
fixes#52752
**Special notes for your reviewer**:
This is currently based on the sttts:sttts-codegen-scripts branch and should not be merged until that is (ref https://github.com/kubernetes/kubernetes/pull/52186)
**Release note**:
```
Add sample-controller repository
```
/cc @sttts @nikhita @colemickens
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add ProxyModeIPVS in proxy mode validation
**What this PR does / why we need it**:
Currently didn't add "ipvs" in proxy mode check, then if we use "ipvs" mode, will get this error:
'error: KubeProxyConfiguration.Mode.ProxyMode: Invalid value: "ipvs": must be userspace,iptables or blank (blank means the best-available proxy (currently iptables)'
So I added it.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 53609, 54025). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
expose a kube-up environment variable to override GLBC image
```release-note
NONE
```
This change allows kube-up to bring up a k8s cluster with specified glbc image other than the default one.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add user-specified ns to --dry-run created obj
Fixes https://github.com/kubernetes/kubernetes/issues/51068
**Release note**:
```release-note
NONE
```
Includes a namespace in a created resource's metadata when `--dry-run` is used if:
- a namespace was explicitly set by the user (via `--namespace`)
- No errors occur accessing the object's metadata
cc @fabianofranz @deads2k
Automatic merge from submit-queue (batch tested with PRs 51310, 51458, 47636). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove useless allocation of map
This one-element map is only used for checking api. Remove it and
simplify the code.
**Release note**:
```
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Replace storage-class annotations with field in examples
**What this PR does / why we need it**:
storage class is already GA. Replace annotations with field `StorageClassName` in examples.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#51435 (update: thanks @gyliu513 for the issue)
ref: https://github.com/kubernetes/kubernetes/pull/50654#discussion_r134954171
**Special notes for your reviewer**:
We may also want to remove the beta annotations in 1.8 since the field will have already been in two releases. If @kubernetes/sig-storage-api-reviews confirm this, I'd like to help remove it.
/cc @liggitt @jsafrane @msau42
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54167, 54182). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
bazel cleanup: remove --incompatible workaround flags
**What this PR does / why we need it**: since #53839 bumped all of our dependencies, we no longer need to use these workaround flags to support building with bazel 0.6.0+.
**Release note**:
```release-note
NONE
```
/assign @BenTheElder @spxtr @mikedanese
Automatic merge from submit-queue (batch tested with PRs 54167, 54182). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
split up large rest handling file
These are nothing but exact block moves because the giant rest.go made it really hard to find anything.
@kubernetes/sig-api-machinery-pr-reviews
/assign sttts
/assign caesarxuchao
Automatic merge from submit-queue (batch tested with PRs 49305, 54158). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
apiextensions: fix LastTransitionTime for NamesAccepted condition
Fixes#54148.
Without this change, `LastTransitionTime` for the NamesAccepted condition for CRDs always showed up as `null`.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49305, 54158). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix error print for admission test
**What this PR does / why we need it**:
fix error print to make them easy to inspect.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
NONE
**Special notes for your reviewer**:
NONE
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix RC/RS conversion
This fixes some round-trip information loss when representing an RC as an RS. I want to use these conversions in #49429 to eliminate the maintenance burden of duplicated RC code.
@kubernetes/sig-apps-pr-reviews
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
allow fail close webhook admission
Webhook admission needs to allow failing closed. Even in an alpha state, I don't want to be one DDOS away from having an exposed cluster.
/assign caesarxuchao
/assign sttts
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
allow */subresource in rbac policy rules
xref #29698
xref #38756
xref #49504
xref #38810
Allow `*/subresource` format in RBAC policy rules to support polymorphic subresources like `*/scale` for HPA.
@DirectXMan12 fyi
```release-note
RBAC PolicyRules now allow resource=`*/<subresource>` to cover `any-resource/<subresource>`. For example, `*/scale` covers `replicationcontroller/scale`.
```
Automatic merge from submit-queue (batch tested with PRs 43661, 54062). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix typo in function name.
Also remove a superfluous comment.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 43661, 54062). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix#43583 (kubenet: remove code forcing bridge MAC address)
**What this PR does / why we need it**:
*kubenet: remove code forcing bridge MAC address*
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#43583
**Special notes for your reviewer**:
**Release note**:
```release-note
```
cc @dcbw @freehan
Without this change, `LastTransitionTime` for the NamesAccepted
condition always showed up as `null`.
It makes sense to set the timestamp in `SetCRDCondition` instead of
setting it explicitly elsewhere.
Automatic merge from submit-queue (batch tested with PRs 47717, 53896). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
decode admission responses into a fresh object
Something about the way the admission request object is built causes decoding into back into it to fail with
```
W1013 14:10:42.457423 2960 admission.go:185] rejected by webhook namespacereservations.admission.online.openshift.io/apis/admission.online.openshift.io/v1alpha1/namespacereservations &{%!t(string=namespacereservations.admission.online.openshift.io/apis/admission.online.openshift.io/v1alpha1/namespacereservations) %!t(*errors.errorString=&{reflect.Value.Addr of unaddressable value})}: failed calling admission webhook "namespacereservations.admission.online.openshift.io/apis/admission.online.openshift.io/v1alpha1/namespacereservations": reflect.Value.Addr of unaddressable value
```
This simply creates a fresh object to decode into, which works fine for our usage and makes it possible to actually have the webhook call out to something.
Automatic merge from submit-queue (batch tested with PRs 47717, 53896). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Delete the redundant parameter flag
What this PR does / why we need it:
Delete redundant parameter flag, otherwise the log will be show like:
Warning: path "/var/lib/kubelet/pods/3c6c4869-4d02-11e7-9685-fa163eeda0fa/volumes" does not exist: %!q(MISSING)
thank you!
