Automatic merge from submit-queue
Change an Errorf to a Fatalf to prevent a panic.
In #37982 we see that if this error is hit then we will panic on the next line. Lets use `Fatalf` where appropriate :)
This does *not* fix the flake, since that's caused by the test assuming that a particular port is free.
Automatic merge from submit-queue
Clearer ImageGC failure errors. Fewer events.
Addresses #26000. Kubelet often "fails" image garbage collection if cAdvisor has not completed the first round of stats collection. Don't create events for a single failure, and make log messages more specific.
@kubernetes/sig-node-bugs
Automatic merge from submit-queue
Fixes links in CHANGELOG.md table of contents
**What this PR does / why we need it**:
Fixes TOC in `CHANGELOG.md`
**Special notes for your reviewer**:
`NONE`
**Release note**:
`NONE`
Automatic merge from submit-queue
Remove 'beta' from default storage class annotation (storage/util)
**What this PR does / why we need it**:
This is a follow up to: #42991 where I believe this file was overlooked.
It removes `beta` from the default storageclass annotation.
Without this fix you are not able to specify a default storage class like this:
```yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: standard
annotations:
storageclass.kubernetes.io/is-default-class: "true"
provisioner: kubernetes.io/aws-ebs
parameters:
type: gp2
```
because the annotation is ignored in: https://github.com/kubernetes/kubernetes/blob/master/plugin/pkg/admission/storageclass/default/admission.go#L129
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
/cc @jsafrane
Automatic merge from submit-queue
cluster/log-dump - chmod files before dumping
We make the files world-readable, so that installation techniques that
lock down the logfiles can still be dumped.
Issue https://github.com/kubernetes/test-infra/issues/2397
```release-note
NONE
```
Use shared informers instead of creating local controllers/reflectors
for the proxy's endpoints and service configs. This allows downstream
integrators to pass in preexisting shared informers to save on memory &
cpu usage.
This also enables the cache mutation detector for kube-proxy for those
presubmit jobs that already turn it on.
Automatic merge from submit-queue
Adding more proxy options and header to nginx load-balancer.
**What this PR does / why we need it**: The kubeapi-load-balancer uses nginx to proxy commands to the kube-apiserver. It currently does not support SPDY and therefore the `kubectl exec` command is broken.
**Which issue this PR fixes** :
fixes https://github.com/juju-solutions/bundle-canonical-kubernetes/issues/226
fixes https://github.com/juju-solutions/bundle-canonical-kubernetes/issues/201
**Special notes for your reviewer**: This only changes the nginx configuration no code change was required.
**Release note**:
```release-note
Using http2 in kubeapi-load-balancer to fix kubectl exec uses
```
We have a old boltdb/bolt, etcd has moved to newer boltdb, so we should
do the same. Specifically this change needs to be in our tree:
92410e0673
as this fixes intermittent issues we see in our CI runs. So in this
PR, we vendor the v1.3.0 version of boltdb/bolt.
Fixes#43973
Automatic merge from submit-queue (batch tested with PRs 43453, 42992)
make sure that the volume satisfies the requirements of the claim before binding
check if the volume requested by the claim satisfies the requirements of the claim before binding when
syncUnboundClaim and claim.Spec.VolumeName is not set, although the volume is asked by user
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 43453, 42992)
Cluster-autoscaler multistep node drain e2e
**What this PR does / why we need it**:
This is another Cluster-Autoscaler node drain test. It tests draining a node, when there is pdb allowing for moving some pods, but not all the required pods in one go. Basically it's a more complex scenario of other CA drain e2e, testing the retry logic in CA scale down.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 42674, 43937, 44020)
Fix spelling of 'arguments' for kubectl create authinfo
**What this PR does / why we need it**:
Fixes a silly spelling mistake in help output.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: n/a
**Special notes for your reviewer**:
I've signed the CLA but don't fully understand the PR process yet. I guess the "cla:yes" label gets added by someone else or automatically by a bot?
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 42674, 43937)
kube-proxy: OnServiceUpdate []*api.Service
This signature is more consistent with OnEndpointsUpdate and removes a
copy loop. This is part on ongoing cleanup to rate-limit iptables
calls.
Automatic merge from submit-queue
Fix abac oplicy example file
"system:unauthenticated" is a group name rather than user name.
Fix it in the example file.
**Release note**:
```NONE
```
We need to apply filter rules on the way in (nodeports) and out (cluster
IPs). Testing here is insufficient to have caught this - will come back
for that.
Automatic merge from submit-queue
node e2e: improve the validate OOM score test for infra containers
The test blindly checked all "pause" processes on the node, assuming
they were all infra containers. This change takes a snapshot of all
existing "pause" processes on the node, and exclude them in the
validation. The test still relies on the fact that it runs exclusively
on the node. If that assumption changes, we will need other methods to
locate the PIDs of the infra containers.
This fixes#37580
Automatic merge from submit-queue
Move autoscaling e2e tests to a separate directory
For fine-grain access control. Autoscaling team is expanding the e2e test coverage and the need for getting an approval for every PR is annoying.
cc: @MaciekPytel @jszczepkowski @fgrzadkowski @wojtek-t
Automatic merge from submit-queue
Include events when describing configmap
**What this PR does / why we need it**:
Currently `kubectl describe configmap/xxx` does not list events, even if there are events related to this congfigmap (and --show-events=true is explicitly passed). This PR makes it include events, same as for other resource types.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue
Add warning to skip v1.6.0 if you use kubeadm.
I'm not sure if this is the right place to put the warning. Suggestions welcome. Ideally it should be near the top and obvious to anyone who uses `kubeadm` but not overly obnoxious for those who don't.
Automatic merge from submit-queue
Support status.hostIP in downward API
**What this PR does / why we need it**:
Exposes pod's hostIP (node IP) via downward API.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
fixes https://github.com/kubernetes/kubernetes/issues/24657
**Special notes for your reviewer**:
Not sure if there's more documentation that's needed, please point me in the right direction and I will add some :)
Automatic merge from submit-queue
Add separate KubeletFlags struct and remove HostnameOverride and NodeIP from config type
Add a separate flags struct for Kubelet flags
Kubelet flags are not necessarily appropriate for the KubeletConfiguration
object. For example, this PR also removes HostnameOverride and NodeIP
from KubeletConfiguration.This is a preleminary step to enabling Nodes
to share configurations, as part of the dynamic Kubelet configuration
feature (#29459). Fields that must be unique for each node inhibit
sharing, because their values, by definition, cannot be shared.
/cc @ncdc @kubernetes/sig-node-misc @kubernetes/sig-cluster-lifecycle-misc
Automatic merge from submit-queue (batch tested with PRs 42973, 41582)
Improve status manager unit testing
This is designed to simplify testing logic in the status manager, and decrease reliance on syncBatch. This is a smaller portion of #37119, and should be easier to review than that change.
It makes the following changes:
- creates convenience functions for get, update, and delete core.Action
- prefers using syncPod on elements in the podStatusChannel to using syncBatch to reduce unintended reliance on syncBatch
- combines consuming, validating, and clearing actions into single verifyActions function. This replaces calls to testSyncBatch(), verifyActions(), and ClearActions
- changes comments in testing functions into log statements for easier debugging
@Random-Liu
Kubelet flags are not necessarily appropriate for the KubeletConfiguration
object. For example, this PR also removes HostnameOverride and NodeIP
from KubeletConfiguration. This is a preleminary step to enabling Nodes
to share configurations, as part of the dynamic Kubelet configuration
feature (#29459). Fields that must be unique for each node inhibit
sharing, because their values, by definition, cannot be shared.
Automatic merge from submit-queue
Adding gnufied as reviewer for volume controller
I have helped review several PRs and made new
PRs to this area.
cc @childsb @saad-ali
Automatic merge from submit-queue (batch tested with PRs 43925, 42512)
AWS: add KubernetesClusterID as additional option when VPC is set
This is a small enhancement after the PRs https://github.com/kubernetes/kubernetes/pull/41695 and https://github.com/kubernetes/kubernetes/pull/39996
## Release Notes
```release-note
AWS cloud provider: allow to set KubernetesClusterID or KubernetesClusterTag in combination with VPC.
```
Automatic merge from submit-queue
[CRI] Use DNSOptions passed by CRI in dockershim.
When @xlgao-zju is working on the CRI validation test, he found that dockershim is not using the DNSOptions passed in CRI. https://github.com/kubernetes-incubator/cri-tools/pull/30#issuecomment-290644357
This PR fixed the issue. I've manually tried, for `ClusterFirst` DNSPolicy, the resolv.conf will be:
```
nameserver 8.8.8.8
search corp.google.com prod.google.com prodz.google.com google.com
options ndots:5
```
For `Default` DNSPolicy, the resolv.conf will be:
```
nameserver 127.0.1.1
search corp.google.com prod.google.com prodz.google.com google.com
```
@xlgao-zju You should be able to test after this PR is merged.
/cc @yujuhong @feiskyer
