Automatic merge from submit-queue
Use a structured error rather than an Aggregate error in discovery
Should provide more information for debugging the root cause of
discovery failures.
Exposes the true cause of #32009
@lavalamp @derekwaynecarr
Automatic merge from submit-queue
Feature gate is not stable sorted - docs change each gen
Also... why are the feature flags defined *in* pkg/util/config which has nothing to do with general Kube? Flags should be defined statically in a subpackage of the kubelet (if they are kubelet feature flags) or in pkg/kubernetes/features or something somewhere else generic.
Automatic merge from submit-queue
Combine the ValidateRunOptions errors
In the "ValidateRunOptions" function, it had better to show all the invalid flags, so the user can modify them at once.
Automatic merge from submit-queue
Split path validation into a separate library
This PR splits path segment validation into it's own package. This cuts off one of the restclient's dependency paths to some docker packages, and completely eliminates its dependency on go-restful swagger validation.
cc @kubernetes/sig-api-machinery
Automatic merge from submit-queue
Kubelet: implement GetPodStatus for new runtime API
Implement `GetPodStatus()` for new runtime API. Part of #28789 .
CC @yujuhong @Random-Liu @dchen1107
Automatic merge from submit-queue
rkt: Update kube-up rkt version to v1.14.0
cc @kubernetes/sig-rktnetes
This should have been included in #31286 (whoops).
This is a bugfix that I propose for v1.4 inclusion.
Automatic merge from submit-queue
Remove net.ipv4.tcp_max_syn_backlog from sysctl whitelist
Remove `net.ipv4.tcp_max_syn_backlog` from sysctl whitelist. This is not namespaced in today's kernels, but must be set on node-level.
Having this on the whitelist, wouldn't harm because the kernel only offers namespaced `net.*` sysctls in the `/proc/sys` tree. But having a sysctl on the whitelist, which cannot be used, doesn't make sense either.
#### 1.4 justification:
- Risk: the whitelist is a published API. We shouldn't have sysctls on there which do not work.
- Rollback: nothing should depend on this behavior.
- Cost: the cost of this is relatively low, as no pod with this sysctl will launch.
Automatic merge from submit-queue
Move StorageClass to a storage group
We discussed the pros and cons in sig-api-machinery yesterday. Choosing a particular group name means that clients (including our internal code) require less work and re-swizzling to handle promotions between versions. Even if you choose a group you end up not liking, the amount of work remains the same as the incubator work case: you move the affected kind, resource, and storage.
This moves the `StorageClass` type to the `storage.k8s.io` group (named for consistency with authentication, authorization, rbac, and imagepolicy). There are two commits, one for manaul changes and one for generated code.
Automatic merge from submit-queue
Check for EmptyConfig errors when trying to use in-cluster config
By removing the default "localhost:8080" behavior several paths in
client config began returning err == ErrEmptyConfig rather than err ==
nil. The code checking for in cluster config was wrong - the logic
should be:
1. If loading the underlying config returns a non-empty error, fail
2. If the underlying config is not equal to the default config,
return that config (it has user input)
3. If it is possible to use in-cluster config, do so
4. Otherwise return the default config (and or default EmptyConfig
error).
Fixes#31910 @thockin @lavalamp @deads2k. We introduced EmptyConfig a very long time ago, but until I removed the "localhost:8080" Kubernetes was not actually exposing it (OpenShift relies on it since we don't set an insecure default). This properly falls through to in-cluster config in the described conditions.
```release-note
Some components like kube-dns and kube-proxy could fail to load the service account token when started within a pod. Properly handle empty configurations to try loading the service account config.
```
By removing the default "localhost:8080" behavior several paths in
client config began returning err == ErrEmptyConfig rather than err ==
nil. The code checking for in cluster config was wrong - the logic
should be:
1. If loading the underlying config returns a non-empty error, fail
2. If the underlying config is not equal to the default config,
return that config (it's got user input)
3. If it is possible to use in cluster config, do so
4. Otherwise return the default config (and or default EmptyConfig
error).
Automatic merge from submit-queue
Add e2e tests for eviction subresource.
This branch includes changes pending in both #31638 and #31721. I will rebase
once those merge.
Automatic merge from submit-queue
fix log message to include ds name
The pod name is never set because newPod is created a couple lines up without a name. Instead log the name and namespace of the ds which the pod is created from.
also bump the log level because reasons loop get's hit fairly often and does not indicate a bug.
Automatic merge from submit-queue
Sleep between NodeStatus update retries
Just a thing I found when looking into other problems.
This is pretty much no-risk change fixing wrong behavior. Do you think it should go in 1.4? @pwittrock
Automatic merge from submit-queue
Fix errors.NewAggregate nil pointer panic
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**:
Consider the following code block,
```
err := myfunc()
agg := errors.NewAggregate([]error{err})
fmt.Println("aggregate error is %v", agg)
```
If the `err` is **nil**, then it will cause a panic:
```
panic: runtime error: invalid memory address or nil pointer dereference [recovered]
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xc0000005 code=0x0 addr=0x20 pc=0x481a61]
goroutine 6 [running]:
panic(0x5769c0, 0xc082002090)
C:/Go/src/runtime/panic.go:464 +0x3f4
testing.tRunner.func1(0xc082074090)
C:/Go/src/testing/testing.go:467 +0x199
panic(0x5769c0, 0xc082002090)
C:/Go/src/runtime/panic.go:426 +0x4f7
k8s.io/kubernetes/pkg/util/errors.aggregate.Error(0xc082002590, 0x1, 0x1, 0x0, 0x0)
D:/goproject/community/src/k8s.io/kubernetes/pkg/util/errors/errors.go:71 +0x91
k8s.io/kubernetes/pkg/util/errors.(*aggregate).Error(0xc08200c7e0, 0x0, 0x0)
<autogenerated>:1 +0xb4
k8s.io/kubernetes/pkg/util/errors.TestAggregateWithNil(0xc082074090)
D:/goproject/community/src/k8s.io/kubernetes/pkg/util/errors/errors_test.go:70 +0x402
testing.tRunner(0xc082074090, 0x67cdb8)
C:/Go/src/testing/testing.go:473 +0x9f
created by testing.RunTests
C:/Go/src/testing/testing.go:582 +0x899
exit status 2
```
The root cause is that [aggregate.Error()](https://github.com/kubernetes/kubernetes/blob/master/pkg/util/errors/errors.go#L47) doesn't check if error list contains nil.
We can blame the user didn't check if `err` is nil before passing it to
```
errors.NewAggregate([]error{err})
```
but I think we can check again inside in case of user forget to check outside.
Node controller's internalPodInformer will block main thread
if it is not started as a go routine. This patch fixed this
by runing internalPodInformer as a go routine.
Automatic merge from submit-queue
add deploy for deployment in kubectl set image help text
add shorthand deploy for deployment in kubectl set image help text
Automatic merge from submit-queue
change annotate_resources to valid_resources
annotate_resources missing some resources such as deployment, namespace.
i think using valid_resources to replace annotate_resources more suitable.
Automatic merge from submit-queue
kubectl edit: Do not add warning header if ftype is json.
This PR blocks adding warning header if `kubectl edit` is used with `-o json` option.
Fixed header contains comment (what is not supported by json standard) what can break utilities which are using libraries that conforms with http://www.ietf.org/rfc/rfc7159.txtfixes#29524
/cc @pwittrock
```release-note
Removed comments in json config when using kubectl edit with -o json
```
Automatic merge from submit-queue
Make a vSphere cluster the failure_zone
vSphere cloud provider returns the FailureZone as Cluster, if the VM belongs to a ResourcePool under a Cluster.
fixes: #30933
* Currently the vSphere cloud provider treats Datacenter as the failure
Zone. This doesn't necessarily work since in the current implemention
Kubernetes nodes cannot span Datacenters.
* This change introduces Clusters as the failure zone, while treating
Datacenters as Regions
* Also updated tests for Zones
Automatic merge from submit-queue
Fix named pipe in kubectl zsh completion
This PR fixes#28049
Though my zsh version > 5.0, I still got the problem. So, I think we need this fix.
---
### Env
```
OS: Ubuntu 14.04
$ zsh --version
zsh 5.0.2 (x86_64-pc-linux-gnu)
```
### A simple DEMO to show the root cause
In zsh and bash, a multi-line named pipe, who is wrapped by parenthesis, is possible to mismatch the "right parenthesis", even that parenthesis is in a here-document.
The following script was going to use `sed` to print the text in the 'BASH_COMPLETION_EOF' here-document.
> * I made the `sed` simpler. As you can see, `sed` actually does nothing here. It just prints what it gets from `<<`). In real [`pkg/kubectl/cmd/completion.go`](https://github.com/kubernetes/kubernetes/blob/v1.3.5/pkg/kubectl/cmd/completion.go#L246-L258), `sed` will do some text replacement, changing bash functions to zsh functions. But that is not the point of the problem.
> * I use `cat <(...)` to replace the `source <(...)`.
> In this way, we can see how named pipe works.
run-bad.zsh:
```bash
#!/usr/bin/zsh
cat <(sed -e 's/foo/bar/g' <<'BASH_COMPLETION_EOF'
aaa='aaa'
case aaa in
'aaa') # <- This ')' is in a here-document, but it is handled by named pipe by mistake.
echo 'yes'
;;
esac
BASH_COMPLETION_EOF
)
```
> Output:
> ```
> ./run-bad.zsh
> aaa='aaa'
> case aaa in
> 'aaa'yes <- You can see the here-document `echo yes` has been executed!!!
> ./run-bad.zsh:8: parse error near `;;'
> ```
The named pipe `<(sed ...` "eats" the `)`, which should belong to `case aaa in 'aaa')`. So that the named pipe ends earlier than expectation. The left zsh code is broken, it fails.
### Here's the fix
Move the code into a function, and use an inline named pipe.
run.zsh:
```bash
#!/usr/bin/zsh
print_sed_result() {
sed -e 's/foo/bar/g' <<'BASH_COMPLETION_EOF'
aaa='aaa'
case aaa in
'aaa')
echo 'yes'
;;
esac
BASH_COMPLETION_EOF
}
cat <(print_sed_result) # <- Use an inline named pipe
```
> Output:
> ```
> ./run.zsh > stack@docker-dev01
> aaa='aaa'
> case aaa in
> 'aaa')
> echo 'yes'
> ;;
> esac
> ```
Now, the here-document and named pipe work correctly.
Automatic merge from submit-queue
Make @rootfs the assignee for various volumes
This, combined with the '/lgtm' capability of reviewers means you can approve
PRs. @rootfs - I assume you're OK with this?
Automatic merge from submit-queue
Typos and englishify pkg/cloudprovider + pkg/dns + pkg/kubectl
**What this PR does / why we need it**: Just fixed some typos + "englishify" in pkg/cloudprovider + pkg/dns + pkg/kubectl
**Which issue this PR fixes** : None
**Special notes for your reviewer**: It's just fixes typos
**Release note**: `NONE`
