Automatic merge from submit-queue (batch tested with PRs 45826, 45747, 45548, 45606, 41766)
OwnerReferencesPermissionEnforcement ignores pods/status
**What this PR does / why we need it**:
It makes the `OwnerReferencesPermissionEnforcement` admission plug-in ignore pods/status operations. If a cluster has version skew with its master (1.6) and nodes (1.6-N), the kubelet is doing a pods/status operation and that code path is causing an error because ownerRef has new fields unknown to kubelet.
**Release note**:
```release-note
OwnerReferencesPermissionEnforcement admission plugin ignores pods/status.
```
Automatic merge from submit-queue (batch tested with PRs 45826, 45747, 45548, 45606, 41766)
prevent pods/status from touching ownerreferences
pods/status updates touching ownerreferences causes new fields to be dropped.
I think we really want to protect our metatdata by default with something like https://github.com/kubernetes/kubernetes/pull/45552 . This fixes the immediate problem.
```release-note
prevent pods/status from touching ownerreferences
```
@derekwaynecarr @eparis
Automatic merge from submit-queue
Fix the outdated link to the Helm Charts repo
**What this PR does / why we need it**:
It is only a link fix, the repo URL has changed
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue
docs:examples:guestbook: don't advice untagged image
Using untagged images means no version at all, this can cause weird problems.
Right now, `redis:latest` is no longer compatible with the redis version used in the slave service of the example.
Automatic merge from submit-queue (batch tested with PRs 45807, 45814)
Fix invalid bash script in unit test.
This change fix such error when we run "make test":
"find: invalid expression; you have used a binary operator '-o' with
nothing before it."
@deads2k
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 45070, 45821, 45732, 45494, 45789)
Rename vars scheduledJob to cronJob
**What this PR does / why we need it**:
Rename vars scheduledJob to cronJob
**Special notes for your reviewer**:
refer to #45480
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 45070, 45821, 45732, 45494, 45789)
Fix lint errors in juju kubernetes master and e2e charms
**What this PR does / why we need it**: Fixes style error in the Juju charms
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```
Code style fixes in Juju charms
```
Automatic merge from submit-queue (batch tested with PRs 45070, 45821, 45732, 45494, 45789)
apiextesions-server integration tests: test multiple registration
**What this PR does / why we need it**:
Add integration test for Multiple registrations XREF: #45511
**Special notes for your reviewer**:
@deads2k my first plan was to submit one single PR for both tests but I'm facing one issue with resources deregistration. Get in touch via slack
Automatic merge from submit-queue (batch tested with PRs 45070, 45821, 45732, 45494, 45789)
Minor fix in run-gcloud-compute-with-retries output piping
To work with older versions of bash.
cc @wojtek-t @gmarek
Automatic merge from submit-queue
Uses container/heap for DelayingQueue
The current implementation of DelayingQueue doesn't perform very well when a large number of items (at random delays) are inserted. The original authors seemed to be aware of this and noted it in a `TODO` comment. This is my attempt at switching the implementation to use a priority queue based on `container/heap`.
Benchmarks from before the change:
```
╰─ go test -bench=. -benchmem | tee /tmp/before.txt
BenchmarkDelayingQueue_AddAfter-8 300000 256824 ns/op 520 B/op 3 allocs/op
PASS
ok k8s.io/kubernetes/staging/src/k8s.io/client-go/util/workqueue 77.237s
```
After:
```
╰─ go test -bench=. -benchmem | tee /tmp/after.txt
BenchmarkDelayingQueue_AddAfter-8 500000 3519 ns/op 406 B/op 4 allocs/op
PASS
ok k8s.io/kubernetes/staging/src/k8s.io/client-go/util/workqueue 2.969s
```
Comparison:
```
╰─ benchcmp /tmp/before.txt /tmp/after.txt
benchmark old ns/op new ns/op delta
BenchmarkDelayingQueue_AddAfter-8 256824 3519 -98.63%
benchmark old allocs new allocs delta
BenchmarkDelayingQueue_AddAfter-8 3 4 +33.33%
benchmark old bytes new bytes delta
BenchmarkDelayingQueue_AddAfter-8 520 406 -21.92%
```
I also find the `container/heap`-based code a bit more easy to understand. The implementation of the PriorityQueue is based on the documentation for `container/heap`.
Feedback definitely welcomed. This is one of my first contributions.
```release-note
NONE
```
Automatic merge from submit-queue
kube-apiextensions-server: Fix potential SEGV with null delegate handler
**What this PR does / why we need it**:
In the kube-apiextensions-server there is a fallback value for `null` delegate to `http.NotFoundHandler()` in handling group and versions discovery, but no fallback for custom resources endpoint.
It leads to SEGV when running with `genericapiserver.EmptyDelegate`.
Automatic merge from submit-queue
Fix discovery version for autoscaling to be v1
The order of the storage setup blocks in the setup for the autoscaling
API group was accidentally inverted, meaning that if the v2alpha1 API
group was turned on, it would be set to the preferred API group-version
for discovery.
This was unintentional; the latest stable version should (v1) should be
preferred instead.
**Release note**:
```release-note
Ensure that autoscaling/v1 is the preferred version for API discovery when autoscaling/v2alpha1 is enabled.
```
Automatic merge from submit-queue
[Federation] Fix federated service reconcilation issue due to addition of External…
…TrafficPolicy field to v1.Service
**What this PR does / why we need it**:
New fields (ExternalTrafficPolicy) are introduced to v1.Service by this PR #41162. If this field is not specified in service spec, the service controller will assign default and updates the service spec.
In federation, the service spec is not updated and we continuously try to reconcile as the federated service and the service in federated cluster do not match.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#45795
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
cc @kubernetes/sig-federation-bugs @madhusudancs
Automatic merge from submit-queue
use StringArrayVar for ResourceName
ref to https://github.com/kubernetes/kubernetes/pull/43903
```release-note
`kubectl create role` and `kubectl create clusterrole` no longer allow specifying multiple resource names as comma-separated arguments. Use repeated `--resource-name` arguments to specify multiple resource names.
```
Automatic merge from submit-queue
Add support for continuous testing of GPU node e2es in GCP.
This PR adds support for testing Nvidia GPUs on Ubuntu 14.04 base image.
Automatic merge from submit-queue
Add LogPath for container status in CRI
In order to get log path of container from CRI runtime, we need to add `LogPath` to `ContainerStatus` in CRI.
@Random-Liu @feiskyer
Automatic merge from submit-queue (batch tested with PRs 42759, 45553)
Allow certificate manager to be initialized with client.
Add test coverage to the certificate manager covering the initialization
scenario where it is initialized with no Certificate Request Signing
client, then the client is added later. This matches how it will be used
when the Certificate Request Signing client is also the consumer of the
certificate manager.
Automatic merge from submit-queue
Reorganize kubelet tree so apis can be independently versioned
@yujuhong @lavalamp @thockin @bgrant0607
This is an example of how we might reorganize `pkg/kubelet` so the apis it exposes can be independently versioned. This would also provide a logical place to put the `KubeletConfiguration` type, which currently lives in `pkg/apis/componentconfig`; it could live in e.g. `pkg/kubelet/apis/config` instead.
Take a look when you have a chance and let me know what you think. The most significant change in this PR is reorganizing `pkg/kubelet/api` to `pkg/kubelet/apis`, the rest is pretty much updating import paths and `BUILD` files.
Automatic merge from submit-queue (batch tested with PRs 44748, 45692)
Limiting client go packages visibility, round 3
Continue the work in the merged PR https://github.com/kubernetes/kubernetes/pull/45258
These packages in client-go will be gone after #44065 is fixed:
pkg/api/helper, pkg/api/util, internal version of api groups, API install packages.
This PR removes the dependency on these packages and add bazel visibility rules to prevent relapse.