Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix TOC in CHANGELOG-1.8
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix warning messages due to GetMountRefs func not implemented in windows
**What this PR does / why we need it**:
This PR completes the windows implementation of GetMountRefs in mount.go. In linux, the GetMountRefs implementaion is: read `/proc/mounts` and find all mount points, while in Windows, there is no such `/proc/mounts` place which shows all mounting points.
There is another way in windows, **we could walk through(by `getAllParentLinks` func) the mount path(symbolic link) and get all symlinks until we got the final device, which is actually a drive**.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#54670
This PR fixed the warnning issue mentioned in https://github.com/kubernetes/kubernetes/pull/51252
**Special notes for your reviewer**:
Some values in the code would be like follwoing:
```
GetMountRefs: mountPath ("\\var\\lib\\kubelet\\pods/4c74b128-92ca-11e7-b86b-000d3a36d70c/volumes/kubernetes.io~azure-disk/pvc-1cc91c70-92ca-11e7-b86b-000d3a36d70c")
getAllParentLinks: refs (["" "" "c:\\var\\lib\\kubelet\\plugins\\kubernetes.io\\azure-disk\\mounts\\b1246717734" "G:\\"])
basemountPath c:\var\lib\kubelet\plugins\kubernetes.io\azure-disk\mounts
got volumeID b1246717734
```
**Release note**:
```
fix warning messages due to GetMountRefs func not implemented in windows
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix ENABLE_METADATA_CONCEALMENT firewall rules to respect true/false
**What this PR does / why we need it**: Fix ENABLE_METADATA_CONCEALMENT firewall rules to respect true/false; fixes introduced in #54150 (env var value of 'false' would trigger this). Ref #8867.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54165, 53909). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add conformance test test.
Add new `test/conformance` subdir, add code to generate a list of conformance tests, and add a test that verifies the list of tests.
The intent is to move management of the definition of conformance to sig-architecture.
```release-note
NONE
```
ref. #54726
Automatic merge from submit-queue (batch tested with PRs 54165, 53909). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Adding an e2e test for admission webhook
Part of https://github.com/kubernetes/features/issues/492
The purpose of this test is making sure the webhooks get called, and the apiserver can communicate with the webhook.
We will expand the test cover more webhook features in followups.
The webhook used in the test rejects pods with container names "webhook-disallow". Will upload the source code of the example in a follow up PR.
Automatic merge from submit-queue (batch tested with PRs 54437, 54714, 54720). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Don't log error in getInstanceFromProjectInZoneByName()
**What this PR does / why we need it**:
In function `getInstanceByName()` we attempt to get instance by name from all zones, presumably we might hit multiple not-found errors. Logging every such error seems misleading while debugging.
This PR makes it only logs non not-found errors while getting instance. If eventually no instance is found,
an InstanceNotFound error will be returned as well.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #NONE
**Special notes for your reviewer**:
/assign @dnardo @nicksardo
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54437, 54714, 54720). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove unneeded deps
**What this PR does / why we need it**:
Removes unneeded deps that were left behind when the federation code was removed in #53816. This is causing `ci-kubernetes-verify-master` to fail.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#54711
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54437, 54714, 54720). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Adds support for v4/v6 loopback dns bind address.
**What this PR does / why we need it**:
Previously, IPv4 Loopback addresses (127.0.0.1) were hard coded into the kubeadm dns deployment manifest. This PR adds support for using an IPv6 Loopback (::1) when the kube-dns Service IP is an IPv6 address.
**Special notes for your reviewer**:
Required for IPv6-only deployments.
**Release note**:
```NONE
```
/area ipv6
/sig network
Automatic merge from submit-queue (batch tested with PRs 54331, 54655, 54320, 54639, 54288). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
local up cluster in ipvs mode by add env 'KUBEPROXY_MODE=ipvs'
**What this PR does / why we need it**:
We can use env 'KUBEPROXY_MODE=ipvs' to up cluster with kube-proxy in ipvs mode.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54331, 54655, 54320, 54639, 54288). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Updates kube-dns in kubeadm to 1.14.7
**What this PR does / why we need it**:
Adds support for the latest kube-dns image (1.14.7) introduced by https://github.com/kubernetes/kubernetes/pull/54443
**Special notes for your reviewer**:
Required for IPv6 support.
/area ipv6
/sig network
**Release note**:
```NONE
```
Automatic merge from submit-queue (batch tested with PRs 54331, 54655, 54320, 54639, 54288). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Ability to do object count quota for all namespaced resources
**What this PR does / why we need it**:
- Defines syntax for generic object count quota `count/<resource>.<group>`
- Migrates existing objects to support new syntax with old syntax
- Adds support to quota all standard namespace resources
- Updates the controller to do discovery and replenishment on those resources
- Updates unit tests
- Tweaks admission configuration around quota
- Add e2e test for replicasets (demonstrate dynamic generic counting)
```
$ kubectl create quota test --hard=count/deployments.extensions=2,count/replicasets.extensions=4,count/pods=3,count/secrets=4
resourcequota "test" created
$ kubectl run nginx --image=nginx --replicas=2
$ kubectl describe quota
Name: test
Namespace: default
Resource Used Hard
-------- ---- ----
count/deployments.extensions 1 2
count/pods 2 3
count/replicasets.extensions 1 4
count/secrets 1 4
```
**Special notes for your reviewer**:
- simple object count quotas no longer require writing code
- deferring support for custom resources pending investigation about how to share caches with garbage collector. in addition, i would like to see how this integrates with downstream quota usage in openshift.
**Release note**:
```release-note
Object count quotas supported on all standard resources using `count/<resource>.<group>` syntax
```
Automatic merge from submit-queue (batch tested with PRs 54331, 54655, 54320, 54639, 54288). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove the nesting directory webhook/webhook
A mechanical change to remove the accidental nesting webhook/webhok directory.
@deads2k lgtm'ed the change and approved for self tagging over a slack chat.
This test creates a golden list of existing conformance tests. Efforts
to add or remove conformance tests will require you to rebuild the
golden list, and changes to the golden list will be reviewed by
sig-architecture.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
convert testFailedDeployment e2e test to integration test
**What this PR does / why we need it**:
This PR convert a deployment e2e test named "testFailedDeployment" to integration test.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: xref #52113
**Release note**:
```release-note
NONE
```
/assign
Automatic merge from submit-queue (batch tested with PRs 54635, 54250, 54657, 54696, 54700). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove iptables log on restore failure
Don't log the set of rules at v2 in kube-proxy on error.
The rules are displayed at v5 before the restore is attempted.
In a large cluster the report can generate up to 100000 lines.
A partial report is only helpful if the problem is displayed
in the partial report.
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 54635, 54250, 54657, 54696, 54700). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Don't cache exec and mounter in RBD volume plugin
#51608 has broken containerized RBD mount utilities proposed in https://github.com/kubernetes/kubernetes/pull/53440.
Volume plugin can get a different exec and mounter implementation with every call, it must not be cached.
```release-note
NONE
```
/sig storage
/assign @rootfs
Automatic merge from submit-queue (batch tested with PRs 54635, 54250, 54657, 54696, 54700). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove unused pods in genericScheduler
**What this PR does / why we need it**: source code cleanup. less confusion.
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 54635, 54250, 54657, 54696, 54700). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add openssh-client back into the debian-hyperkube-base image
**What this PR does / why we need it**: adds `openssh-client` back into the `debian-hyperkube-base` image. This was removed in #48365, but is apparently needed by the gitRepo volume plugin.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#54129
**Special notes for your reviewer**:
I haven't yet pushed this image, so builds will fail. If this looks good, I'll push and re-trigger tests.
**Release note**:
```release-note
Add openssh-client back into the hyperkube image. This allows the gitRepo volume plugin to work properly.
```
/assign @luxas @tallclair
Automatic merge from submit-queue (batch tested with PRs 54635, 54250, 54657, 54696, 54700). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Bump version of prometheus-to-sd to 0.2.2.
Bump version of prometheus-to-sd to improve logging, add pod_name and
pod_namespace flags and remove deprecated flags.
Fixes#54583
```release-note
NONE
```
This enables chunking in the resource builder to make it easy to
retrieve resources in pages and visit partial result sets. This adds
`--chunk-size` to `kubectl get` only so that users can get comfortable
with the use of chunking in beta. Future changes will enable chunking
for all CLI commands so that bulk actions can be performed more
efficiently.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix incorrect log
**What this PR does / why we need it**:
fix incorrect log in nfs_test.go
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
NONE
**Special notes for your reviewer**:
NONE
**Release note**:
NONE
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove duplicated code
**What this PR does / why we need it**:
remove duplicated code
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
handler initiated twice.
```
cc := &CertificateController{
kubeClient: kubeClient,
queue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "certificate"),
handler: handler,
}
cc.handler = handler
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 51409, 54616). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Generate kubeadm referencedoc and man pages
**What this PR does / why we need it**:
Improve kubeadm reference doc and start generating kubeadm man pages.
With this PR, also kubeadm will start following the same approach used by other tools
**Which issue this PR fixes**
initial work for [#265](https://github.com/kubernetes/kubeadm/issues/265)
**Special notes for your reviewer**:
This [document](https://docs.google.com/document/d/1w22y-C1YD1mmqqETxrQrCLnJpzwttscanddgvfYceYY/edit?usp=sharing) contains the design proposal for how to implement this goal, that will be implemented partially in https://github.com/kubernetes/kubernetes (this PR) and partially in https://github.com/kubernetes/website
In order to keep the PR as small and clean possible I didn't generated new placeholders files under `/docs/man` and `/docs/admin` at this stage. If this is necessary, I will do this later in this PR or eventually in another PR; however, if this is not strictly necessary, IMO we should avoid to pollute this repo with placeholders to file that are maintained in another repo.
cc @kubernetes/sig-docs-maintainers @Bradamant3 @heckj
