Automatic merge from submit-queue (batch tested with PRs 64300, 64375). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Declare kubectl wait flag in a way consistent with other deletion flags
**What this PR does / why we need it**:
A follow up PR for #64034 and #63979 that makes declaring wait flag consistent with the other flags.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#64401
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 64392, 63885). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove unnecessary roundtripping in get.go
/assign @deads2k @juanvallejo
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 64308, 64367, 64165, 64274). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Restore InstanceNotFound comment & logic
Otherwise node deregistration is broken on AWS.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 64399, 64324, 64404, 64406, 64396). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Should use `hostProcMountinfoPath` constant in nsenter_mount.go.
**What this PR does / why we need it**:
In nsenter mounter implementation, we should read mountinfo from `/rootfs/proc/1/mountinfo` instead of `/proc/self/mountinfo`.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
`/proc/self/mountinfo` will prefix `/rootfs` on mount point path, see
```
$ mkdir /mnt/test
$ mount -t tmpfs tmpfs /mnt/test/
$ docker run -it --volume=/:/rootfs:ro,rslave --net=host --pid=host --privileged=true busybox:latest cat /rootfs/proc/1/mountinfo | grep '\/mnt\/test'
442 25 0:80 / /mnt/test rw,relatime shared:70 - tmpfs tmpfs rw
$ docker run -it --volume=/:/rootfs:ro,rslave --net=host --pid=host --privileged=true busybox:latest cat /proc/self/mountinfo | grep '\/mnt\/test'
1075 985 0:80 / /rootfs/mnt/test rw,relatime master:70 - tmpfs tmpfs rw
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix azure file size grow issue
**What this PR does / why we need it**:
fix azure file size grow issue
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#64382
**Special notes for your reviewer**:
**Release note**:
```
fix azure file size grow issue
```
/sig azure
/assign @feiskyer
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update ipvs docs --- check the prerequisite
**What this PR does / why we need it**:
As #63850 have been merged, the `Prerequisite` should be updated.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
disable PersistentVolumeLabel admission controller by default
**What this PR does / why we need it**:
Disables PersisntVolumeLabel admission controller by default. This was set for [deprecation since 1.8](https://github.com/kubernetes/kubernetes/pull/52618) so we can now disable it by default. PersisntVolumeLabel admission controller can still be explicitly enabled and can also run on external cloud controller manageres.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
https://github.com/kubernetes/kubernetes/issues/52617
**Special notes for your reviewer**:
**Release note**:
```release-note
(ACTION REQUIRED) PersisntVolumeLabel admission controller is now disabled by default. If you depend on this feature (AWS/GCE) then ensure it is added to the `--enable-admission-plugins` flag on the kube-apiserver.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix nodeport repair for ESIPP services
**What this PR does / why we need it**:
The nodeport allocation repair controller does not scrape the `Service.Spec.healthCheckNodePort` value and would remove the allocation from memory and etcd after 10 minutes. This opens the door for other services to use the same nodeport and cause collisions.
**Which issue(s) this PR fixes**:
Fixes#54885
**Release note**:
```release-note
Fix issue of colliding nodePorts when the cluster has services with externalTrafficPolicy=Local
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Adding tests for ImageLocalityPriority
**What this PR does / why we need it**:
This PR adds tests for ImageLocalityPriority scheduling policy, as follow-ups of [#63842](https://github.com/kubernetes/kubernetes/issues/63842) and [#63345](https://github.com/kubernetes/kubernetes/issues/63345). It includes the unit test for ImageSizes function of NodeInfo in the scheduler cache.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
@resouer
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Validate cgroups-per-qos for Windows
**What this PR does / why we need it**:
cgroups-per-qos and enforce-node-allocatable is not supported on Windows, but kubelet allows it on Windows. And then Pods may stuck in terminating state because of it. Refer #61716.
This PR adds validation for them and make kubelet refusing to start in this case.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61716
**Special notes for your reviewer**:
**Release note**:
```release-note
Fail fast if cgroups-per-qos is set on Windows
```
Automatic merge from submit-queue (batch tested with PRs 64288, 64343). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
[gce provider] Add more wrappers for security policy
**What this PR does / why we need it**:
Adding more wrappers for security policy, mostly for implementing the e2e test.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #NONE
**Special notes for your reviewer**:
/assign @nicksardo
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 63859, 63979). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Drop reapers
/assign @deads2k @juanvallejo
**Release note**:
```release-note
kubectl delete does not use reapers for removing objects anymore, but relies on server-side GC entirely
```
Automatic merge from submit-queue (batch tested with PRs 63859, 63979). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove signal handler registration from pkg/kubelet
**What this PR does / why we need it**:
The goal of this change is to remove the registration of signal
handling from pkg/kubelet (i.e., library code).
If you register a signal handler in `main()` to aid in a controlled
and deliberate exit then the handler registered in `pkg/kubelet` often
wins and the process exits immediately. This means all other signal
handler registrations are currently racy if `DockerServer.Start()` is
directly or indirectly invoked.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
This change also removes another signal handler registration from
`NewAPIServerCommand()`; a stop channel is now passed to this
function.
**Release note**:
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update function hasClusterTag to fix issue #64230
**What this PR does / why we need it**:
Fixes issue #64230, by changing function hasClusterTag, in aws/tags.go, to ensure that, when called with a list of tags containing a tag with a key which matches clusterTagKey, function will return true even if a tag with key TagNameKubernetesClusterLegacy also exists in the list with a value other than the ClusterID.
**Which issue(s) this PR fixes**:
Fixes#64230
**Special notes for your reviewer**:
Notes are in issue
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 63232, 64257, 64183, 64266, 64134). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Move SuggestedPodTemplateResources from factory to set_resources
**What this PR does / why we need it**:
Move SuggestedPodTemplateResources from factory to set_resources
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#64106
**Special notes for your reviewer**:
/cc @juanvallejo
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 63232, 64257, 64183, 64266, 64134). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix kubectl set subject --all option invalid bug
**What this PR does / why we need it**:
Fix the kubectl set subject --all option invalid bug and add test cases for it
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#64182
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61963, 64279, 64130, 64125, 64049). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix TestSchedulerWithVolumeBinding to avoid setting predicate ordering.
It is causing data race condition as predicate ordering is changing global
variable `predicatesOrdering`. Infact this test does not require any special
predicate order and should work on default predicate ordering as far as
VolumeScheduling feature is enabled.
See these logs:
```
==================
==================
WARNING: DATA RACE
Read at 0x00c420894180 by goroutine 156:
k8s.io/kubernetes/pkg/scheduler/core.podFitsOnNode()
/home/avagarwa/upstream-code/gocode/src/k8s.io/kubernetes/pkg/scheduler/core/generic_scheduler.go:503 +0xbb
k8s.io/kubernetes/pkg/scheduler/core.(*genericScheduler).findNodesThatFit.func1()
/home/avagarwa/upstream-code/gocode/src/k8s.io/kubernetes/pkg/scheduler/core/generic_scheduler.go:353 +0x2f0
k8s.io/kubernetes/vendor/k8s.io/client-go/util/workqueue.Parallelize.func1()
/home/avagarwa/upstream-code/gocode/src/k8s.io/kubernetes/vendor/k8s.io/client-go/util/workqueue/parallelizer.go:47 +0xa3
Previous write at 0x00c420894180 by goroutine 186:
k8s.io/kubernetes/pkg/scheduler.TestSchedulerWithVolumeBinding()
/home/avagarwa/upstream-code/gocode/src/k8s.io/kubernetes/pkg/scheduler/scheduler_test.go:663 +0x71
testing.tRunner()
/usr/lib/golang/src/testing/testing.go:777 +0x16d
Goroutine 156 (running) created at:
k8s.io/kubernetes/vendor/k8s.io/client-go/util/workqueue.Parallelize()
/home/avagarwa/upstream-code/gocode/src/k8s.io/kubernetes/vendor/k8s.io/client-go/util/workqueue/parallelizer.go:43 +0x139
k8s.io/kubernetes/pkg/scheduler/core.(*genericScheduler).findNodesThatFit()
/home/avagarwa/upstream-code/gocode/src/k8s.io/kubernetes/pkg/scheduler/core/generic_scheduler.go:378 +0xe8a
k8s.io/kubernetes/pkg/scheduler/core.(*genericScheduler).Schedule()
/home/avagarwa/upstream-code/gocode/src/k8s.io/kubernetes/pkg/scheduler/core/generic_scheduler.go:131 +0x385
k8s.io/kubernetes/pkg/scheduler.(*Scheduler).schedule()
/home/avagarwa/upstream-code/gocode/src/k8s.io/kubernetes/pkg/scheduler/scheduler.go:192 +0xcd
k8s.io/kubernetes/pkg/scheduler.(*Scheduler).scheduleOne()
/home/avagarwa/upstream-code/gocode/src/k8s.io/kubernetes/pkg/scheduler/scheduler.go:447 +0x598
k8s.io/kubernetes/pkg/scheduler.(*Scheduler).(k8s.io/kubernetes/pkg/scheduler.scheduleOne)-fm()
/home/avagarwa/upstream-code/gocode/src/k8s.io/kubernetes/pkg/scheduler/scheduler.go:182 +0x41
k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait.JitterUntil.func1()
/home/avagarwa/upstream-code/gocode/src/k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:133 +0x61
k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait.JitterUntil()
/home/avagarwa/upstream-code/gocode/src/k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:134 +0xcd
k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait.Until()
/home/avagarwa/upstream-code/gocode/src/k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:88 +0x5a
Goroutine 186 (running) created at:
testing.(*T).Run()
/usr/lib/golang/src/testing/testing.go:824 +0x564
testing.runTests.func1()
/usr/lib/golang/src/testing/testing.go:1063 +0xa4
testing.tRunner()
/usr/lib/golang/src/testing/testing.go:777 +0x16d
testing.runTests()
/usr/lib/golang/src/testing/testing.go:1061 +0x4e1
testing.(*M).Run()
/usr/lib/golang/src/testing/testing.go:978 +0x2cd
main.main()
_testmain.go:52 +0x22a
==================
--- FAIL: TestSchedulerWithVolumeBinding (18.04s)
testing.go:730: race detected during execution of test
FAIL
```
It is pretty easy to reproduce this race by following these steps:
```
cd pkg/scheduler
go test -c -race
stress -p 100 ./scheduler.test
```
Predicate ordering to this unit test was added here: https://github.com/kubernetes/kubernetes/pull/57168
Since the whole scheduler instance uses just one ordering at time, not sure what is the advantage.
@kubernetes/sig-scheduling-bugs @bsalamat @k82cn @frobware @smarterclayton @sjenning
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 63417, 64249, 64242, 64128, 64275). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
graduate DynamicKubeletConfig feature to beta
Everything in the https://github.com/kubernetes/features/issues/281 beta target except a few documentation-related items is complete. Docs should be done very soon, so I'm sending this PR to graduate to beta before freeze.
```release-note
The dynamic Kubelet config feature is now beta, and the DynamicKubeletConfig feature gate is on by default. In order to use dynamic Kubelet config, ensure that the Kubelet's --dynamic-config-dir option is set.
```
/cc @luxas
Automatic merge from submit-queue (batch tested with PRs 63417, 64249, 64242, 64128, 64275). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix bugs that break processing when printing errors occur in kubectl
**What this PR does / why we need it**:
The process should continue when error happens, this patch fix the problem
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 63319, 64248, 64250, 63890, 64233). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
move Describer from factory
**Release note**:
```release-note
NONE
```
Moves `Describer` out of the object_mapping_factory
cc @soltysh @deads2k
Automatic merge from submit-queue (batch tested with PRs 63319, 64248, 64250, 63890, 64233). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Additional test coverage for kubectl/cmd/cp
This commit adds some additional test coverage
for the kubectl cp command.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 63319, 64248, 64250, 63890, 64233). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add reason message logs for non-exist Azure resources
**What this PR does / why we need it**:
In azure_wrap.go the function checkResourceExistsFromError() looks at a received error and determines it to be a ResourceNotFound if the HTTP status is http.StatusNotFound. However, the HTTP status also equals http.StatusNotFound in case of SubscriptionNotFound.
this PR adds logs to indict the real error messages for such case.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#64220
**Special notes for your reviewer**:
**Release note**:
```release-note
Add reason message logs for non-exist Azure resources
```
