Fix#51406
If cloud providers(like aws, gce etc...) implement ExternalID()
and support getting instance by ProviderID , they also implement
InstanceExistsByProviderID().
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix dockershim panic when listing images
**What this PR does / why we need it**:
dockershim panic when listing containers because of `opts.Filters` not initialized:
505ccb88da/pkg/kubelet/dockershim/docker_image.go (L35-L39)
Also when imgSpec.Image is empty string, dockershim returns an empty image list which is not expected. (We should not set opts.Filters in this case).
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#54122
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
If there is no available node for LoadBalancer service, the LoadBlancer
service will become unavailable, we should update service status.
This is part of #53193
Automatic merge from submit-queue (batch tested with PRs 52794, 54243, 54248, 53491, 53841). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
PV recycler: don't reuse old recycler pod.
It might be forged by user and block Kubernetes from recycling. Try to kill it instead.
+ report error when Kubernetes failed to delete recycler pod. PV controller will re-try recycling the PV again and delete the pod eventually.
**Which issue this PR fixes**
fixes#53413
**Release note**:
```release-note
None
```
@kubernetes/sig-storage-pr-reviews
/assign @tallclair
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Make AllocateResponse artifacts global across all devices per container in device plugin API
The current version of Device plugins returns artifacts (env vars, mounts, devices) per device, per container. This is not necessary and results in complex merging issues on kubelet side
There can still be a conflict if the artifacts returned by device plugin conflicts with the pod spec. In that case, I'd recommend failing pods in kubelet. This is yet to be addressed.
The go package name for device plugin apis is updated from `pkg/kubelet/apis/deviceplugin/v1alpha1` to `pkg/kubelet/apis/deviceplugin/v1alpha` (sub-version dropped) because we expect the alpha version to change until it graduates to beta and changing the go package everytime the actual alpha version changes is too tedious.
```release-note
Device plugin Alpha API no longer supports returning artifacts per device as part of AllocateResponse.
```
TODO:
- [x] Bump kubelet side API version
- [X] Post an updated device plugin image that works with the new API version
- [ ] Stabilize e2es (This PR needs to be merged since there is a dependency on the plugin side for vendoring)
Automatic merge from submit-queue (batch tested with PRs 53809, 54244, 54142). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fixes spam from node status updates
Some of us are looking at reducing unncessary logging spam which happens in k8s. This message is anyway logged by caller of the function and hence we should not log it again.
cc @kubernetes/sig-storage-pr-reviews @eparis
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fixed the lease endpoint reconciler creation of kubernetes endpoint and lease file ttl. #53803
Fixed the prefix used to create the kubernetes endpoint and the ttl value used for lease files.
Fixes: #53803
There is no use case known for passing artifacts per device as it currently exists. The current API is also
complex to use for simple clients. Hence this PR creates a flat namespace where artifacts like environment variables
and mount points apply globally to all devices returned as part of AllocateResponse proto.
Signed-off-by: Vishnu kannan <vishnuk@google.com>
This updates the HPA controller to use the polymorphic scale client from
client-go. This should enable HPAs to work with arbitrary scalable
resources, instead of just those in the extensions API group (meaning we
can deprecate the copy of ReplicationController in extensions/v1beta1).
It also means that the HPA controller now pays attention to the
APIVersion field in `scaleTargetRef` (more specifically, the group part
of it).
Note that currently, discovery information on which resources are
available where is only fetched once (the first time that it's
requested). In the future, we may want a refreshing discovery REST
mapper.
Previously, we did not have custom code for fuzzing label selectors.
Anything that used a label selector (like Scale) had to manually bypass
fuzzing the selector, or write its own fuzzer. This introduces a fuzzer
for label selectors which generates random correct selectors with random
keys and values.
Previously, the fake RESTClient in client-go required a Registry. It
used the Registry to fetch the GroupVersion for the fake client.
However, the way it did so was dubious in some cases (it hard-coded the
default API group in places), and not strictly necssary.
This updates the fake client to just recieve the GroupVersion and
internal group name directly, instead of requiring a Registry, so that
it can be consumed in unit tests where a Registry isn't necessarily
readily available (e.g. elsewhere in client-go).
Automatic merge from submit-queue (batch tested with PRs 54145, 53821). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Added PreStopHooks to apiserver to allow clean shutdown.
BootStrapController now registers a PreStopHook to clean up the kubernetes service endpoints. The PreStopHooks allow the apiserver to shutdown cleanly under a controlled shutdown case. The BootStrapController's PreStopHook will clean up after itself by removing the apiserver from the list of IPs in the kubernetes service.
fixes#53438
Automatic merge from submit-queue (batch tested with PRs 54154, 54192). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Versioned busybox docker image
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#53942
**Special notes for your reviewer**:
**Release note**:
```NONE
```
Automatic merge from submit-queue (batch tested with PRs 52753, 54034, 53982, 54209). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
stopCh should be passed to route-controller main goroutine
**What this PR does / why we need it**:
currently neverstop channel is used, stopCh should be used
```
go wait.NonSlidingUntil(func() {
if err := rc.reconcileNodeRoutes(); err != nil {
glog.Errorf("Couldn't reconcile node routes: %v", err)
}
}, syncPeriod, wait.NeverStop)
```
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add ProxyModeIPVS in proxy mode validation
**What this PR does / why we need it**:
Currently didn't add "ipvs" in proxy mode check, then if we use "ipvs" mode, will get this error:
'error: KubeProxyConfiguration.Mode.ProxyMode: Invalid value: "ipvs": must be userspace,iptables or blank (blank means the best-available proxy (currently iptables)'
So I added it.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add user-specified ns to --dry-run created obj
Fixes https://github.com/kubernetes/kubernetes/issues/51068
**Release note**:
```release-note
NONE
```
Includes a namespace in a created resource's metadata when `--dry-run` is used if:
- a namespace was explicitly set by the user (via `--namespace`)
- No errors occur accessing the object's metadata
cc @fabianofranz @deads2k
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix RC/RS conversion
This fixes some round-trip information loss when representing an RC as an RS. I want to use these conversions in #49429 to eliminate the maintenance burden of duplicated RC code.
@kubernetes/sig-apps-pr-reviews
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
allow fail close webhook admission
Webhook admission needs to allow failing closed. Even in an alpha state, I don't want to be one DDOS away from having an exposed cluster.
/assign caesarxuchao
/assign sttts
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
allow */subresource in rbac policy rules
xref #29698
xref #38756
xref #49504
xref #38810
Allow `*/subresource` format in RBAC policy rules to support polymorphic subresources like `*/scale` for HPA.
@DirectXMan12 fyi
```release-note
RBAC PolicyRules now allow resource=`*/<subresource>` to cover `any-resource/<subresource>`. For example, `*/scale` covers `replicationcontroller/scale`.
```
