Automatic merge from submit-queue
Make GCI nodes mount non tmpfs, ext* & bind mounts using an external mounter
This PR downloads the stage1 & gci-mounter ACIs as part of cluster bring up instead of downloading them dynamically from gcr.io, which was the cause for #36206.
I have also optimized the containerized mounter to pre-load the mounter image once to avoid fetch latency while using it.
Original PR which got reverted: https://github.com/kubernetes/kubernetes/pull/35821
```release-note
GCI nodes use an external mounter script to mount NFS & GlusterFS storage volumes
```
@mtaufen Node e2e is not re-enabled in this PR.
cc @jingxu97
Automatic merge from submit-queue
Fixing federation secret controller unit test flakiness
Fixes https://github.com/kubernetes/kubernetes/issues/36422
Adding a wait for the secret to be updated in the store to fix flakiness.
It was failing ~once in 3 to 5 runs before this change. I now have had 30 local runs without a failure.
cc @kubernetes/sig-cluster-federation @mwielgus
Automatic merge from submit-queue
add master address into kubeadm join help message and some validations
**What this PR does / why we need it**:
1, add master address into kubeadm join help message. looks like :
>Usage:
> kubeadm join <master address> [flags]
2, when user provides more than one master address, return an error.
3, since `kubeadm join` not only support ip addresses but also host names or domain names, so i delete the word `ip` from error message `must specify master ip address (see --help)`
Signed-off-by: bruceauyeung <ouyang.qinhua@zte.com.cn>
Automatic merge from submit-queue
Fix find pattern in generating kubernetes src tarball
#36407 wasn't supposed to merge. This fixes a small issue in it.
Automatic merge from submit-queue
specify custom ca file to verify the keystone server
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**:
Sometimes the keystone server's certificate is self-signed, mainly used for internal development, testing and etc.
For this kind of ca, we need a way to verify the keystone server.
Otherwise, below error will occur.
> x509: certificate signed by unknown authority
This patch provide a way to pass in a ca file to verify the keystone server when starting `kube-apiserver`.
**Which issue this PR fixes** : fixes#22695, #24984
**Special notes for your reviewer**:
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
``` release-note
```
Automatic merge from submit-queue
Make kubernetes-src.tar.gz contain source code again
**What this PR does / why we need it**: This PR fixes `kubernetes-src.tar.gz` by reviving the logic for `kube-source.tar.gz` from before #30787.
**Which issue this PR fixes**: fixes#36403
@saad-ali @jbeda @zmerlynn
Automatic merge from submit-queue
Fail kubelet creation if swap enabled and configured with memory eviction thresholds
/cc @vishh @derekwaynecarr
**Release note**:
```
This adds an opt-in Kubelet flag (--fail-swap-on) that causes the Kubelet to fail to start if swap is enabled on the node. This is a temporary opt-in, and the Kubelet will by default fail with swap enabled starting in 1.6.0. The KubeletConfiguration equivalent to the flag is FailSwapOn.
```
Provides an opt-in flag, --experimental-fail-swap-on (and corresponding
KubeletConfiguration value, ExperimentalFailSwapOn), which is false by default.
Automatic merge from submit-queue
Fix flunetd-gcp image Dockerfile
A mistake was made during rebasing this PR: https://github.com/kubernetes/kubernetes/pull/36370
One line, earlier deleted, was restored and broke the image build.
@piosz
Automatic merge from submit-queue
Deprecate extensions/v1beta1.Jobs related stuff
This PR supersedes https://github.com/kubernetes/kubernetes/pull/33861, it's a pre-req for removing `extensions/v1beta1.Jobs` (#32763) in the next release.
@kubernetes/kubectl @kubernetes/api-review-team ptal
@bgrant0607 @erictune @janetkuo fyi
```release-note
Deprecate extensions/v1beta1.Jobs
```
