Automatic merge from submit-queue
Remove system:anonymous check from kubectl test
This verbiage doesn't appear when the cluster is `AlwaysAllow` (and just makes the check more brittle).
Follow-on to #39263, this is the last (consistent) failure on [kops-aws](https://k8s-testgrid.appspot.com/google-aws#kops-aws&sort-by-failures=)
Automatic merge from submit-queue
Add three more columns to `kubectl get deploy -o wide` output.
Added CONTAINER(S), IMAGE(S) and SELECTOR fields to the output
of `kubectl get deploy -o wide`.
Fixed#39147
Automatic merge from submit-queue
Avoid unnecessary memory allocations
Low-hanging fruits in saving memory allocations. During our 5000-node kubemark runs I've see this:
ControllerManager:
- 40.17% k8s.io/kubernetes/pkg/util/system.IsMasterNode
- 19.04% k8s.io/kubernetes/pkg/controller.(*PodControllerRefManager).Classify
Scheduler:
- 42.74% k8s.io/kubernetes/plugin/pkg/scheduler/algrorithm/predicates.(*MaxPDVolumeCountChecker).filterVolumes
This PR is eliminating all of those.
Automatic merge from submit-queue
Tolerate a Forbidden error in e2e RBAC RoleBinding setup.
The three tests that require RBAC rolebindings to be set up currently fail if RBAC is not enabled. This allows those tests to work as they did before we added the RBAC setup step.
Addresses #39259
Automatic merge from submit-queue
Refactor operation_executor to make it testable
**What this PR does / why we need it**:
To refactor operation_executor to make it unit testable
**Release note**:
`NONE`
Automatic merge from submit-queue (batch tested with PRs 39152, 39142, 39055)
openstack: Forcibly detach an attached cinder volume before attaching elsewhere
Fixes#33288
**What this PR does / why we need it**:
Without this fix, we can't preemptively reschedule pods with persistent volumes to other hosts (for rebalancing or hardware failure recovery).
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#33288
**Special notes for your reviewer**:
(This is a resurrection/cleanup of PR #33734, originally authored by @Rotwang)
**Release note**:
Automatic merge from submit-queue (batch tested with PRs 39152, 39142, 39055)
Add test for json tags on internal and external types
Follow up from https://github.com/kubernetes/kubernetes/pull/38406
- adds static analysis tests preventing internal types from adding new json or protobuf tags
- adds static analysis tests requiring json tags on external types (and enforcing lower-case first letter)
- fixes issues found by the tests
Automatic merge from submit-queue (batch tested with PRs 38909, 39213)
Add path exist check in getPodVolumePathListFromDisk
Add the path exist check in the function. If the path does not exist,
return empty list and nil error.
fix issue #38498
Automatic merge from submit-queue
Add bazel-build and bazel-test to the Makefile.
Lets make these the source of truth rather than some script living in test-infra. That way we can test changes in presubmit.
Automatic merge from submit-queue
Add PDB to kubectl get --help.
**What this PR does / why we need it**: Adds PDB to kubectl get --help
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: Fixes https://github.com/kubernetes/kubernetes/issues/39100
**Release note**:
```release-note
NONE
```
/cc @saad-ali @mwielgus
Automatic merge from submit-queue (batch tested with PRs 39250, 39206)
WIP: work around for IP and port Allocator repair race
Fixes#37488
WIP: This does the IP allocator but not the port allocator yet. Sending for review before I clone the deltas for ports.
Idea: force the repair loop to detect a leak 3 times in a row before actually releasing the IP. That should allow any distributed races to resolve. It's a little hacky, but without mutual exclusion or proper transactions, it works.
Automatic merge from submit-queue
Adds assignees for kube-dns
Adds assignees for auto-assigning. Does not add assignees for pkg/dns folder as we are moving it out.
@thockin
Automatic merge from submit-queue
Adds kubernetes.io link for dns autoscaler addon
The [official page for DNS Horizontal Autoscaling](http://kubernetes.io/docs/tasks/administer-cluster/dns-horizontal-autoscaling/) is available on kubernetes.io after 1.5 release. Putting the link into this dns autoscaler addon folder as well.
@bowei
Automatic merge from submit-queue
Enable update tests in federated namespace controller
Previously it was disabled because of flakiness.
cc: @nikhiljindal @madhusudancs
Automatic merge from submit-queue
Optimize pod affinity when predicate
Optimize by returning as early as possible to avoid invoking priorityutil.PodMatchesTermsNamespaceAndSelector.
Automatic merge from submit-queue
CreateNodeSelectorPods should respect parameter
Fix (1): `CreateNodeSelectorPods` should respect parameter `id`.
The existing e2e does not break because it happened use "node-selector" as id, which is the same as the hard coded value.
Fix (2): The current `CreateNodeSelectorPods` does not use `nodeSelector` parameter, it hard coded a label instead.
The reason current e2e does not influenced because we happened use the same label: https://github.com/kubernetes/kubernetes/blob/master/test/e2e/cluster_size_autoscaling.go#L177
Found these bugs during testing #36238
Automatic merge from submit-queue
Raise markVolMountedErr instead of unmountErr
Hit this when debugging https://github.com/kubernetes/kubernetes/issues/37657
We wrongly raised `unmountErr` when `markVolMountedErr` occurs.
Automatic merge from submit-queue
Begin paths for internationalization in kubectl
This is just the first step, purposely simple so we can get the interface correct.
@kubernetes/sig-cli @deads2k
Automatic merge from submit-queue
kubectl: commas in --from-literal on secret creation
Closes#35185
``` release-note
Fixes an issue where commas were not accepted in --from-literal flags when creating secrets. Passing multiple values separated by a comma in a single --from-literal flag is no longer supported. Please use multiple --from-literal flags to provide multiple values.
```
Automatic merge from submit-queue (batch tested with PRs 39029, 39014)
[Glusterfs Vol Plugin]: Check kube client is invalid and return error
Fixes: #38939
In volume plugins, we need to create a kube client to make api call. And this kube client can be nil when, for example, wrong api-server configuration, but kubelet should not crash in this case.
I have also checked other plugins and found only glusterfs need this fix.
Automatic merge from submit-queue
Fix cloud-config name in test case
**What this PR does / why we need it**: fixes default cloud-config name in test cases for reset.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: related to kubernetes/kubeadm#75
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
use bytes.Buffer instead of append for error string concat
**What this PR does / why we need it**:
1. in my benchmark test, `bytes.Buffer` takes much less time ( about 1:1000 ) than string append( `+=` ).
>BenchmarkAppendConcat-4 100000 151438 ns/op 578181 B/op 2 allocs/op
BenchmarkBufferSprintf-4 3000000 487 ns/op 65 B/op 3 allocs/op
BenchmarkBufferConcat-4 5000000 271 ns/op 47 B/op 1 allocs/op
the benchmark codes is here https://play.golang.org/p/LS52zGuwZN
2. in our `RunInitMasterChecks`, `RunJoinNodeChecks` there are lots of preflight checks. they may result in a huge error message. so `bytes.Buffer` can bring considerable performance enhancement in the worst of conditions.
beyond that, this PR
1. fix an exported struct comment,
1. and use `found = append( found, errs...)` instead of for loop for simplicity.
Signed-off-by: bruceauyeung <ouyang.qinhua@zte.com.cn>
Automatic merge from submit-queue (batch tested with PRs 39093, 34273)
start breaking up controller manager into two pieces
This PR addresses: https://github.com/kubernetes/features/issues/88
This commit starts breaking the controller manager into two pieces, namely,
1. cloudprovider dependent piece
2. coudprovider agnostic piece
the controller manager has the following control loops -
- nodeController
- volumeController
- routeController
- serviceController
- replicationController
- endpointController
- resourceQuotaController
- namespaceController
- deploymentController
etc..
among the above controller loops,
- nodeController
- volumeController
- routeController
- serviceController
are cloud provider dependent. As kubernetes has evolved tremendously, it has become difficult
for different cloudproviders (currently 8), to make changes and iterate quickly. Moreover, the
cloudproviders are constrained by the kubernetes build/release lifecycle. This commit is the first
step in moving towards a kubernetes code base where cloud providers specific code will move out of
the core repository, and will be maintained by the cloud providers themselves.
I have added a new cloud provider called "external", which signals the controller-manager that
cloud provider specific loops are being run by another controller. I have added these changes in such
a way that the existing cloud providers are not affected. This change is completely backwards compatible, and does not require any changes to the way kubernetes is run today.
Finally, along with the controller-manager, the kubelet also has cloud-provider specific code, and that will be addressed in a different commit/issue.
@alena1108 @ibuildthecloud @thockin @dchen1107
**Special notes for your reviewer**:
@thockin - Im making this **WIP** PR to ensure that I don't stray too far from everyone's view of how we should make this change. As you can see, only one controller, namely `nodecontroller` can be disabled with the `--cloudprovider=external` flag at the moment. I'm working on cleaning up the `rancher-controller-manger` that I wrote to test this.
Secondly, I'd like to use this PR to address cloudprovider specific code in kubelet and api-server.
**Kubelet**
Kubelet uses provider specific code for node registration and for checking node-status. I thought of two ways to divide the kubelet:
- We could start a cloud provider specific kubelet on each host as a part of kubernetes, and this cloud-specific-kubelet does node registration and node-status checks.
- Create a kubelet plugin for each provider, which will be started by kubelet as a long running service. This plugin can be packaged as a binary.
I'm leaning towards the first option. That way, kubelet does not have to manage another process, and we can offload the process management of the cloud-provider-specific-kubelet to something like systemd.
@dchen1107 @thockin what do you think?
**Kube-apiserver**
Kube-apiserver uses provider specific code for distributing ssh keys to all the nodes of a cluster. Do you have any suggestions about how to address this?
**Release note**:
``` release-note
```
Automatic merge from submit-queue
kubeadm: Default to using token discovery.
Recent changes to support multiple methods for discovery meant that
"kubeadm init" no longer was sufficient and users would need to add
"--discovery token://" to achieve the same results.
Instead lets assume discovery if the user does not specify anything else
to maintain parity and the brevity of our original instructions.
**Release note**:
```release-note
NONE
```
CC @mikedanese @luxas
Automatic merge from submit-queue
Support loading UTF16 files if a byte-order-mark is present
Add support in kubectl for loading UTF16 encoded files if they have a correct BOM (Byte-Order-Mark https://en.wikipedia.org/wiki/Byte_order_mark) at the beginning
of the file. Falls back on UTF8 encoding, if no understandable BOM is present.
Fixes part of https://github.com/kubernetes/kubernetes/issues/39007
@fabianofranz @deads2k @kubernetes/sig-cli-misc
Automatic merge from submit-queue (batch tested with PRs 38920, 38090)
Improve error message for name/label validation.
Instead of just providing regex in name/label validation error output, we need to add the naming rules of the name/label, which is more end-user readable.
Fixed#37654
