github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
70,323 Commits 1 Branch 31 Tags 1,019 MiB
3d245e7cb1
Commit Graph

6760 Commits

Author SHA1 Message Date
Kubernetes Submit Queue
ab56f37100 Merge pull request #47039 from zjj2wry/crb_test 
Automatic merge from submit-queue (batch tested with PRs 47039, 53681, 53303, 53181, 53781). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

RBAC: Add test for create clusterrolebindding

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-10-12 15:45:22 -07:00
Dr. Stefan Schimanski
a6f0cd01ee Get rid of pkg/api/util 2017-10-12 16:36:32 +02:00
Kubernetes Submit Queue
3aff54f345 Merge pull request #53589 from sttts/sttts-pkg-api-testing 
Automatic merge from submit-queue (batch tested with PRs 53204, 53364, 53559, 53589, 53088). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

pkg/api: move *_test.go -> pkg/api/testing

Cleaning up pkg/api, one little step towards pkg/apis/core.
 2017-10-11 15:14:45 -07:00
Kubernetes Submit Queue
efa17f5c45 Merge pull request #53364 from tcharding/kubectl-app 
Automatic merge from submit-queue (batch tested with PRs 53204, 53364, 53559, 53589, 53088). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

cmd: kubectl: remove golint_failures entry

**What this PR does / why we need it**:
       
`.golint_failures` currently has an entry for `cmd/kubectl/app`. We can lint this package and remove the entry. There is only one `golint` warning; comment on exported function Run should be of the form "Run..."
    
Fix documentation comment and remove `cmd/kubectl/app` from `.golint_failures`.

**Release note**:

```release-note
NONE
```
/sig cli
/kind cleanup
 2017-10-11 15:14:40 -07:00
juanvallejo
dd45076f8e
add tests 2017-10-11 10:34:10 -04:00
Dr. Stefan Schimanski
b926ca40de pkg/api: move *_test.go -> pkg/api/testing 2017-10-11 16:04:50 +02:00
Kubernetes Submit Queue
6154a9e16c Merge pull request #53477 from caesarxuchao/genenic-initializer 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Move initializer plugin to the generic apiserver

* Moves `k8s.io/kuberentes/plugin/pkg/admission/initialization` to `k8s.io/apiserver/pkg/admission/plugin/initialization`
* Moves `k8s.io/kubernetes/pkg/kubeapiserver/admission/configuration` to `k8s.io/apiserver/pkg/admission/configuration`
* The initializer plugin used to depend on `k8s.io/kubernetes` because it does a type assertion of `api.Pod`. It tries to skip mirror pod. I converted that code to use the generic accessor pattern.
 2017-10-10 09:46:00 -07:00
Chao Xu
bbac32c299 generated 2017-10-09 10:58:12 -07:00
zhengjiajin
7a57754921 RBAC: Add test for create clusterrolebindding 2017-10-09 13:59:01 +08:00
Kubernetes Submit Queue
3f1a2e43b4 Merge pull request #52440 from juanvallejo/jvallejo/add-dry-run-flag-kubectl-drain 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

add --dry-run option to kubectl drain

**Release note**:
```release-note
Added --dry-run option to `kubectl drain`
```
Adds a `--dry-run` flag to `kubectl <cordon, uncordon, drain>`

@fabianofranz @kubernetes/sig-cli-misc
 2017-10-06 18:02:35 -07:00
Kubernetes Submit Queue
f321a16af4 Merge pull request #49654 from jcbsmpsn/move-certificate-manager 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Move certificate manager to client.

Fixes https://github.com/kubernetes/kubernetes/issues/53452

**What this PR does / why we need it**:
Migrate the certificate_manager to a location where it can be shared.

```release-note
NONE
```
 2017-10-06 15:00:07 -07:00
Kubernetes Submit Queue
4aec334c95 Merge pull request #51898 from guangxuli/federation_e2e_test 
Automatic merge from submit-queue (batch tested with PRs 52768, 51898, 53510, 53097, 53058). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

migration of federation test

**What this PR does / why we need it**:

Migrate federation(multicluster) e2e test.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

Ref Umbrella issue #49161
Ref issue https://github.com/kubernetes/kubernetes/issues/50735

- Move `ubernetes_lite.go` to new created directory named **multicluster**.

**Special notes for your reviewer**:

**Release note**:
none

/cc @quinton-hoole
 2017-10-06 13:16:37 -07:00
juanvallejo
b6e8e209b3
add tests 2017-10-06 12:01:12 -04:00
Kubernetes Submit Queue
fc81ec01e5 Merge pull request #53278 from janetkuo/ds-apps-v1-master 
Automatic merge from submit-queue (batch tested with PRs 53278, 53184). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add API version apps/v1, and bump DaemonSet to apps/v1

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: kubernetes/features#484

**Special notes for your reviewer**: This PR targets `master`, as a backup if #53223 (targeting features branch) falls through 

@kubernetes/sig-apps-api-reviews 

**Release note**:

```release-note
Add API version apps/v1, and bump DaemonSet to apps/v1
```
 2017-10-05 21:58:40 -07:00
Kubernetes Submit Queue
6a2ec70a2d Merge pull request #53235 from cblecker/clean-fix-two 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Move make clean to a static list

**What this PR does / why we need it**:
#51911 changed the functionality of `make clean` to use `git clean` to remove ignored files. This had unintended consequences, wiping things out like etcd. This changes it back to a static list, managed via a bash script. It's not optimal, but the static list of patterns is more up to date then it was keeping it in the make file.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #52271

**Special notes for your reviewer**:

**Release note**:
```release-note
NONE
```
 2017-10-05 20:16:47 -07:00
Kubernetes Submit Queue
fc6120cc48 Merge pull request #53366 from tcharding/cloud-controller 
Automatic merge from submit-queue (batch tested with PRs 53418, 53366, 53115, 53402, 53130). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

cmd: cloud-controller-manager: remove golint_failures entry

**What this PR does / why we need it**:

`cmd/cloud-controller-manager/app` and  `cmd/cloud-controller-manager/app/options` currently appear in `.golint_failures`. We can lint these packages.

`golint` emits the following two warnings
```
comment on exported type CloudControllerManagerServer should be of the form "CloudControllerManagerServer ..."
comment on exported const ControllerStartJitter should be of the form "ControllerStartJitter ..."
```

Fix the documentation comments and remove entries from `.golint_failures`

**Special notes for your reviewer**:

Don't know which sig to label this PR with?

**Release note**:

```release-note
NONE
```
/kind cleanup
 2017-10-05 17:31:18 -07:00
Jacob Simpson
415c4d2c3a Move certificate manager to client. 2017-10-05 12:54:38 -07:00
Janet Kuo
1090840f50 Skip auto-generated apps/v1 codes in golint 2017-10-05 10:43:11 -07:00
Janet Kuo
9813a5278f Add API version apps/v1 
Add a new API version apps/v1.
apps/v1 has a copy of apps/v1beta2.DaemonSet API.
 2017-10-05 10:43:11 -07:00
Kubernetes Submit Queue
65cca36ebe Merge pull request #52917 from juanvallejo/jvallejo/support-multiple-node-selection 
Automatic merge from submit-queue (batch tested with PRs 53454, 53446, 52935, 53443, 52917). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

add --selector flag support

**Release note**:
```release-note
NONE
```

Adds --selector option to kubectl drain,cordon,uncordon, performing
each action on a list of nodes matching the given label.

If at least one node fails to be cordoned/uncordoned, the command will
continue to operate on any remaining nodes, uninterrupted, reporting
any errors it encounters along the way.

If at least one node fails to be drained, the command will halt, printing
the immediate error encountered, and a list of nodes yet to be drained
(including the node that just failed to be drained).

cc @kubernetes/sig-cli-misc @fabianofranz @soltysh
 2017-10-05 05:06:33 -07:00
tcharding
cd13ab0f69 cmd: cloud-controller: remove golint_failures entry 2017-10-05 14:19:59 +11:00
Dr. Stefan Schimanski
873a550558 verify-pkg-names.sh: exclude generated informers 2017-10-04 16:53:13 +02:00
Dr. Stefan Schimanski
abfb658d76 sample-apiserver: port to k8s.io/code-generator/generate-internal-groups.sh 2017-10-04 16:53:13 +02:00
Kubernetes Submit Queue
23eedbb7aa Merge pull request #53312 from nikhita/replace-tpr-with-crd 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Rename TPR to CRD

TPR has been completely removed in 1.8. However, there are still some places which use the word "TPR".

We should rename TPR to CRD in such places to be consistent with the nomenclature.

**Release note**:

```release-note
NONE
```

/cc @sttts
 2017-10-04 01:55:11 -07:00
Kubernetes Submit Queue
cf3fcf235f Merge pull request #53280 from MrHohn/merge-kube-dns-yamls 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

 Merge kube-dns templates into a single file

**What this PR does / why we need it**: Merge all of the kube-dns cluster yamls into a single file.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #42832

**Special notes for your reviewer**:
/assign @bowei @shashidharatd 
cc @kevin-wangzefeng @euank @lhuard1A

**Release note**:

```release-note
NONE
```
 2017-10-03 11:46:43 -07:00
Zihong Zheng
db8f9ddcec Merge kube-dns templates into a single file 2017-10-03 09:43:52 -07:00
tcharding
fa2de842d0 cmd: kubectl: remove golint_failures entry 
`.golint_failures` currently has an entry for `cmd/kubectl/app`. We can lint this package and remove
the entry. There is only one `golint` warning; comment on exported function Run should be of the
form "Run ..."

Fix documentation comment and remove `cmd/kubectl/app` from `.golint_failures`.
 2017-10-03 16:29:45 +11:00
juanvallejo
3775a50cb8
add --selector flag support 2017-10-02 16:18:30 -04:00
Hongchao Deng
39e5a56691 etcd: update version to 3.1.10 2017-10-02 12:27:46 -07:00
Nikhita Raghunath
694630724a Rename TPR to CRD to be consistent 
TPR has been completely removed. We should rename TPR
to CRD to be consistent with the nomenclature.
 2017-10-01 21:13:24 +05:30
Kubernetes Submit Queue
7656436041 Merge pull request #50743 from guangxuli/migrate_e2e_ui_test 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Migrate sig-ui e2e test

**What this PR does / why we need it**:
Migrate sig-ui e2e tests

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

Ref Umbrella issue #49161

**Special notes for your reviewer**:

**Release note**:

none
 2017-09-30 16:52:33 -07:00
Monis Khan
5eb5b3e402
Correct APIGroup for RoleBindingBuilder Subjects 
This change corrects RoleBindingBuilder to use the RBAC API group
with users and groups as subjects (service accounts use the empty
string since they are in the legacy core group).  This is based on
the defaulting in pkg/apis/rbac/v1/defaults.go#SetDefaults_Subject.
This is required because the bootstrap RBAC data is built with these
helpers and does not go through defaulting, whereas the data
retrieved from the server has already gone through defaulting.  This
can lead to the reconciliation code incorrectly adding duplicate
subjects because it believes that they are missing (since the API
groups do not match).

Signed-off-by: Monis Khan <mkhan@redhat.com>
 2017-09-30 12:15:43 -04:00
Kubernetes Submit Queue
d2bbeb6665 Merge pull request #51766 from thockin/godep-scripts-cleanup 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Godep scripts cleanup

Another try at sanitizing godep scripts.  Instead of messing with containers, or assuming anything about GOPATHs, let's just work with whatever GOPATH we are given.  If you want sane godep/restore behavior you can use `./hack/run-in-gopath.sh ./hack/godep-restore.sh`.  This will restore into your _output dir.  You can update deps yourself, and then run `./hack/run-in-gopath.sh ./hack/godep-save.sh`.

xref  #44873

This also checks out godep into your working GOPATH.  Without this, we have to `go get` it every time.  We should just vendor it.
 2017-09-30 04:10:06 -07:00
Tim Hockin
ac4ffb1e6e Vendor godep v79 and use it 2017-09-29 15:16:09 -07:00
Tim Hockin
a29c048e33 Clean up godep scripts to be self-contained 2017-09-29 15:16:03 -07:00
Kubernetes Submit Queue
6a02660fbf Merge pull request #52165 from mattjmcnaughton/mattjmcnaughton/52025-more-descriptive-make-test-error-message 
Automatic merge from submit-queue (batch tested with PRs 53101, 53158, 52165). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

More descriptive error message for `make test`

**Which issue this PR fixes**
Fix #52025

**What this PR does / why we need it**:

The `[packages]` argument to `go test` can be confusing. If the
`package` does not begin with `./`, `go test` considers it relative to
`$GOPATH/src`. If it does begin with `./`, `go test` considers it
relative to `pwd`. `hack/make-rules/test.sh`, and thus `make test`, use
`go test`.

This commit adds a verify step to `hack/make-rules/test.sh`. Before we
run `go test`, we check the packages under test exist. If the user
specified the package path in the incorrect format - for example they
didn't prepend with `./` when they should have, the check logs a
suggestion of the alternative path they should use.

Running the test suites for a package is an activity many all first time
contributors will take. Hopefully including a more descriptive error
message, with a suggestion for a fix if applicable, will make this an
easier experience.

Signed-off-by: mattjmcnaughton <mattjmcnaughton@gmail.com>

```release-note
NONE
```
 2017-09-29 14:36:22 -07:00
Kubernetes Submit Queue
4425841ce2 Merge pull request #53158 from liggitt/update-pod-spec-versioned 
Automatic merge from submit-queue (batch tested with PRs 53101, 53158, 52165). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Calculate patches for  commands using input version

Fixes #53040

the encoder used for encoding these objects while calculating patches does not have sufficient information to select a correct version when the object does not exist in all versions of a target group (like replicasets not existing in apps/v1beta1)

this PR wraps the encoder to first convert to the same version used to read the object (based on the mapping's GroupVersion)

long-term, we should switch UpdatePodSpecForObject to work on versioned objects and v1.PodSpec and avoid conversion altogether

```release-note
Fixes an issue with `kubectl set` commands encountering conversion errors for ReplicaSet and DaemonSet objects
```
 2017-09-29 14:36:19 -07:00
Kubernetes Submit Queue
1b93686fe3 Merge pull request #51021 from zjj2wry/scale-selector-all 
Automatic merge from submit-queue (batch tested with PRs 51021, 53225, 53094, 53219). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

"fix issue(#49965)kubectl scale also says that it can work based on a label selector or all"

**What this PR does / why we need it**:
Fixes #49965 #44800

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-09-29 12:38:17 -07:00
Christoph Blecker
59c72047ab
Move make clean to a static list 2017-09-29 12:36:18 -07:00
Jordan Liggitt
e3a8b5e223
Calculate patches for commands using input version 2017-09-29 13:03:18 -04:00
Tim Hockin
7732c8d892 Centralize godep version number 2017-09-28 13:10:09 -07:00
Tim Hockin
7d87eec437 Make sure GOPATH/bin is in PATH 2017-09-28 13:10:09 -07:00
shashidharatd
a570d316b8 Move k/test/integration/federation to k/federation/test/integration 2017-09-28 11:43:35 +05:30
shashidharatd
45d73a1c70 Move k/test/e2e_federation package to k/federation/test/e2e 2017-09-28 11:43:35 +05:30
Kubernetes Submit Queue
dc7ff475d0 Merge pull request #53121 from WanLinghao/kube_dns_already_exist 
Automatic merge from submit-queue (batch tested with PRs 52634, 53121, 53161). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

  fix clusterrolebindings duplicate create in local-up-cluster.sh

Changes to be committed:
  modified:   hack/local-up-cluster.sh



**What this PR does / why we need it**:
currently ,execute hack/local-up-cluster.sh will produce an error :

> Creating kube-system namespace
> Error from server (AlreadyExists): clusterrolebindings.rbac.authorization.k8s.io "system:kube-dns" 
> already exists
> serviceaccount "kube-dns" created

it was caused by duplicate creation in script.
kube-api-server  with RBAC option creates system:kube-dns and kubectl create it again.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
```
 2017-09-27 20:35:28 -07:00
WanLinghao
d5f610c250 clusterrolebindings duplicate create in local-up-cluster.sh 
Changes to be committed:
  modified:   hack/local-up-cluster.sh
 2017-09-28 00:16:13 +08:00
mattjmcnaughton
99cdc069e2 More descriptive error message for make test 
Fix #52025

The `[packages]` argument to `go test` can be confusing. If the
`package` does not begin with `./`, `go test` considers it relative to
`$GOPATH/src`. If it does begin with `./`, `go test` considers it
relative to `pwd`. `hack/make-rules/test.sh`, and thus `make test`, use
`go test`.

This commit adds a verify step to `hack/make-rules/test.sh`. Before we
run `go test`, we check the packages under test exist. If the user
specified the package path in the incorrect format - for example they
didn't prepend with `./` when they should have, the check logs a
suggestion of the alternative path they should use.

Running the test suites for a package is an activity many all first time
contributors will take. Hopefully including a more descriptive error
message, with a suggestion for a fix if applicable, will make this an
easier experience.

Signed-off-by: mattjmcnaughton <mattjmcnaughton@gmail.com>
 2017-09-26 19:52:33 -04:00
Kubernetes Submit Queue
dbe1ff8d61 Merge pull request #52721 from aditya-konarde/patch-1 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix typo in e2e-node-test.sh

Correct 'Makfile' to 'Makefile'
 2017-09-26 15:41:39 -07:00
Kubernetes Submit Queue
7fa13044bb Merge pull request #52251 from sbezverk/kubeadm_lint_cleanup 
Automatic merge from submit-queue (batch tested with PRs 52251, 52540). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..

kubeadm golint clean up

Cleaning up golint discovered issue for kubeadm

Fixes: https://github.com/kubernetes/kubeadm/issues/375
 2017-09-25 07:19:53 -07:00
Kubernetes Submit Queue
ac33bfd53b Merge pull request #52766 from wjiangjay/cri 
Automatic merge from submit-queue (batch tested with PRs 52905, 52766). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..

Remove the deprecated env "ENABLE_CRI"
 2017-09-25 04:02:53 -07:00
Kubernetes Submit Queue
63c1ed12aa Merge pull request #52761 from yuexiao-wang/validate-message 
Automatic merge from submit-queue (batch tested with PRs 52880, 52855, 52761, 52885, 52929). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..

Adjust the validating messages

Signed-off-by: yuexiao-wang <wang.yuexiao@zte.com.cn>

**What this PR does / why we need it**:
1.  Adjust the validating messages for user understanding 
2.  Add error messages for easliy testing.
3.  Optimize the  code for switch case.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:
```release-note
NONE
```
 2017-09-24 04:30:07 -07:00
Kubernetes Submit Queue
8e7f5d8c8b Merge pull request #52855 from NickrenREN/remove-rackspace 
Automatic merge from submit-queue (batch tested with PRs 52880, 52855, 52761, 52885, 52929). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..

Remove cloud provider rackspace

**What this PR does / why we need it**:
For now, we have to implement functions in both `rackspace` and `openstack` packages if we want to add function for cinder, for example [resize for cinder](https://github.com/kubernetes/kubernetes/pull/51498).  Since openstack has implemented all the functions rackspace has,  and rackspace is considered deprecated for a long time, [rackspace deprecated](https://github.com/rackspace/gophercloud/issues/592) ,
after talking with @mikedanese  and @jamiehannaford offline ,  i sent this PR to remove `rackspace` in favor of `openstack`

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #52854

**Special notes for your reviewer**:

**Release note**:
```release-note
The Rackspace cloud provider has been removed after a long deprecation period. It was deprecated because it duplicates a lot of the OpenStack logic and can no longer be maintained. Please use the OpenStack cloud provider instead.
```
 2017-09-24 04:30:04 -07:00
Kubernetes Submit Queue
4a0f41e4fa Merge pull request #52450 from juanvallejo/jvallejo/misc-err-msg-improvements 
Automatic merge from submit-queue (batch tested with PRs 52485, 52443, 52597, 52450, 51971). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..

Error message / exit code fixes

**Release note**:
```release-note
NONE
```

Miscellaneous error message tweaks.
Makes the error message displayed in `kubectl get` more visible.
Returns exit code 1 if a patch fails.

Addresses the following downstream bugzillas:
- https://bugzilla.redhat.com/show_bug.cgi?id=1311786
- https://bugzilla.redhat.com/show_bug.cgi?id=1414227

cc @fabianofranz @kubernetes/sig-cli-misc
 2017-09-23 18:48:58 -07:00
Kubernetes Submit Queue
963697564a Merge pull request #50672 from shiywang/fix0error 
Automatic merge from submit-queue (batch tested with PRs 50890, 52484, 52542, 52567, 50672). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..

Fix return 0 error in DefaultSubCommandRun

Fixes https://github.com/kubernetes/kubernetes/issues/50644
@mengqiy most of our command didn't return 1 when error, is because it invoke `DefaultSubCommandRun` which created in this pr https://github.com/kubernetes/kubernetes/pull/35206, I'm not sure if it's ok to directly add an `os.Exit` in that function, so also cc @juanvallejo @fabianofranz for review.

also @apelisse  @mengqiy  I think we don't have any test for check return value now ? cmiiw, I will add some test in test-cmd since it's easy to write scripts check return value, wdyt ?
 2017-09-23 16:26:56 -07:00
Kubernetes Submit Queue
280de0a63a Merge pull request #52516 from sakeven/fix/versioning_doc_link 
Automatic merge from submit-queue (batch tested with PRs 52445, 52380, 52516, 52531, 52538). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..

Follow go style guide and fix versioning doc link

Signed-off-by: sakeven <jc5930@sina.cn>



**What this PR does / why we need it**:

1. Follow go style guide
  * should drop = "" from declaration of var gitMajor; it is the zero value
  * should omit type string from declaration of var gitVersion; it will be inferred from the right-hand side
2. Fix  versioning doc link.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```
NONE
```
 2017-09-23 14:33:13 -07:00
Kubernetes Submit Queue
3a399136e6 Merge pull request #52083 from billy2180/fix-some-comments 
Automatic merge from submit-queue (batch tested with PRs 50392, 52108, 52083, 52134, 51526). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..

Fix some comment in hack/jenkins/*-dockerized.sh

hack/jenkins/gotest-dockerized.sh has been deleted,But the comments are not updated,FYI [The PR #1463](https://github.com/kubernetes/test-infra/pull/1463/files#diff-072eac404bdccadbe14552a7d3c012c2)
```release-note
NONE
```
 2017-09-23 07:14:03 -07:00
Serguei Bezverkhi
42bd500134 kubeadm golint clean up 
Closes #375
 2017-09-23 08:07:55 -04:00
Kubernetes Submit Queue
9793bb3023 Merge pull request #51684 from tcharding/lint-plugins-env 
Automatic merge from submit-queue (batch tested with PRs 51031, 51705, 51888, 51727, 51684). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..

kubectl: Fix golint warnings for plugins/*

**What this PR does / why we need it**:

We currently have an entry in `hack/.golint_failures` for `pkg/kubectl/plugins`. If we lint the files in `plugins/` then we can safely remove this entry.
 
`golint` emits the following warnings (only one of each type shown)
```
exported method EnvList.Slice should have comment or be unexported
error var IncompletePluginError should have name of the form ErrFoo
func name will be used as plugins.PluginsEnvVarPluginLoader by other packages, and that stutters; consider calling this EnvVarPluginLoader
```

This PR clears all `golint` warnings from `kubectl/plugins/`.

1. Remove entry from `hack/.golint_failures`
2. Add missing documentation to exported types and functions.
3. Rename error variables to `ErrFoo`.
4. Rename `PluginsEnvVarPluginLoader` to `KubectlPluginsPathPluginLoader` (mirrors env var name).
5. Rename `XDGDataPluginLoader` to `XDGDataDirsPluginLoader` (to make uniform change above).

**Special notes for your reviewer**:

Felt a bit dirty doing this cleanup because the code in `plugins/` is particularly clean and well written already.

**Release note**:

```release-note
NONE
```
/sig cli
/kind cleanup
 2017-09-23 01:47:11 -07:00
NickrenREN
39c48d3605 remove rackspace related code 2017-09-22 18:06:50 +08:00
Kubernetes Submit Queue
3ba46ee9fa Merge pull request #52710 from sttts/sttts-less-aggressive-staging-godep-mangling 
Automatic merge from submit-queue (batch tested with PRs 52843, 52710, 52821, 52844). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..

update-staging-godeps: only mangle staging repos in staging Godeps.json

- this re-adds non-staging k8s.io/* repos to the staging Godeps.jsons
- x-outs instead of removing of staging dependencies in order to get a
  precise trigger for a complete godep restore+save run in the publisher
  bot.

The first breaks k8s.io/kube-aggregator's staging export.

The second potentially leads to inconsistent godeps in our exported staging repos.
 2017-09-21 09:56:50 -07:00
yuexiao-wang
142c2dd67b Adjust the validating messages 
Signed-off-by: yuexiao-wang <wang.yuexiao@zte.com.cn>
 2017-09-21 09:58:50 +08:00
Kubernetes Submit Queue
a16a126f41 Merge pull request #51064 from madhanrm/winkernelproxy 
Automatic merge from submit-queue (batch tested with PRs 51064, 52132). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..

Fix Kubeproxy to work for Windows Kernel mode

**What this PR does / why we need it**:
Kubeproxy doenst work for with windows kernel mode. This PR adds a Kernel Proxy for windows to use the underlying platform features.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
#49666
**Special notes for your reviewer**:

**Release note**:

```release-note
```
 2017-09-20 14:32:55 -07:00
Dr. Stefan Schimanski
72d4e3f47a update-staging-godeps: only mangle staging repos in Godeps.json 2017-09-20 17:47:01 +02:00
Dr. Stefan Schimanski
a3f8c9b5e1 k8s.io/code-generator: hide gen test output from go tools 
The underscore in front of _test makes the go tools (including godep) to
ignore those packages by default. We do not want to create dependencies
to client-go and friend through the _test output.
 2017-09-20 08:36:09 +02:00
Weiwei Jiang
655f591d85 Remove the deprecated env "ENABLE_CRI" 
Remove the deprecated env "ENABLE_CRI" according to https://github.com/kubernetes/kubernetes/pull/45194
 2017-09-20 13:45:58 +08:00
Aditya Konarde
7f11d7954a Fix typo in e2e-node-test.sh 
Correct 'Makfile' to 'Makefile
 2017-09-19 18:10:21 +05:30
Madhan Raj Mookkandy
a8d797afdd Add exception to golint check 
(*) Fix cleanup of NodePort resources. (*) Fix the logic to select existing policies

Fix review comment

Fix Bazel

Update GoDep License

Fix NodePort forwarding to target port

Fix Darwin Build break. +1

Implement IsCompatible to validate kernel support for kernel mode
 2017-09-18 11:11:22 -07:00
supereagle
87c29a08e1 fix typos: remove duplicated word in comments 2017-09-16 14:38:10 +08:00
sakeven
1257a35ce8 golint version and fix versioning doc link 
Signed-off-by: sakeven <jc5930@sina.cn>
 2017-09-15 18:44:23 +08:00
juanvallejo
de21640573
add/update tests 
Move negative check for testing "not patched" output to test-cmd-util.sh
as exiting with code 1 was causing patch_test.go to fail when the error
was expected as part of the test.
 2017-09-14 16:23:23 -04:00
Shiyang Wang
87abe13022 fix return 0 error in DefaultSubCommandRun 2017-09-13 10:26:51 +08:00
Jordan Liggitt
a6316fb3a5
Fix discovery restmapper finding resources in non-preferred versions 2017-09-08 22:35:23 -04:00
Clayton Coleman
fc2d201e15
Allow watch cache to be disabled per type 
Currently setting watch cache size for a given resource does not disable
the watch cache. This commit adds a new `default-watch-cache-size` flag
to map to the existing field, and refactors how watch cache sizes are
calculated to bring all of the code into one place. It also adds debug
logging to startup to allow us to verify watch cache enablement in
production.
 2017-09-08 13:42:28 -04:00
Dr. Stefan Schimanski
0fdcd993bf code-generator/protobuf: cut-off kubernetes specifics 2017-09-07 18:31:48 +02:00
billy2180
99e9ef2871 Fix some comment in hack/jenkins/*-dockerized.sh 2017-09-07 19:43:41 +08:00
Kubernetes Submit Queue
3168bd4b12 Merge pull request #50708 from DirectXMan12/versions/autoscaling-v2beta1 
Automatic merge from submit-queue (batch tested with PRs 51956, 50708)

Move autoscaling/v2 from alpha1 to beta1

This graduates autoscaling/v2alpha1 to autoscaling/v2beta1.  The move is more-or-less just a straightforward rename.

Part of kubernetes/features#117

```release-note
v2 of the autoscaling API group, including improvements to the HorizontalPodAutoscaler, has moved from alpha1 to beta1.
```
 2017-09-06 15:46:24 -07:00
Kubernetes Submit Queue
0076f02df0 Merge pull request #51653 from DirectXMan12/versions/metrics-v2beta1 
Automatic merge from submit-queue (batch tested with PRs 51603, 51653)

Graduate metrics/v1alpha1 to v1beta1

This introduces v1beta1 of the resource metrics API, previously in alpha.
The v1alpha1 version remains for compatibility with the Heapster legacy version
of the resource metrics API, which is compatible with the v1alpha1 version.  It also
renames the v1beta1 version to `resource-metrics.metrics.k8s.io`.

The HPA controller's REST clients (but not the legacy client) have been migrated as well.

Part of kubernetes/features#118.

```release-note
Migrate the metrics/v1alpha1 API to metrics/v1beta1.  The HorizontalPodAutoscaler
controller REST client now uses that version.  For v1beta1, the API is now known as
resource-metrics.metrics.k8s.io.
```
 2017-09-06 02:55:12 -07:00
Kubernetes Submit Queue
b6a0bb1a16 Merge pull request #51873 from luxas/enable_e2e_multiarch 
Automatic merge from submit-queue (batch tested with PRs 51984, 51351, 51873, 51795, 51634)

Build test targets for all server platforms

**What this PR does / why we need it**:

🤦

I really should have checked this before code freeze, but tbh forgot it in the rush. Also I thought this was the case already...
As part of https://github.com/kubernetes/features/issues/288; these binaries should be built for all server platforms indeed.

This is just a straightforward add to that list.
Can we please get this into v1.8?
There is virtually no risk involved here really...

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
Build test targets for all server platforms
```
@ixdy @jdumars @mkumatag
 2017-09-05 18:40:28 -07:00
Kubernetes Submit Queue
6430a2732f Merge pull request #51351 from cmluciano/cml/addegressrule 
Automatic merge from submit-queue (batch tested with PRs 51984, 51351, 51873, 51795, 51634)

Add EgressRule to NetworkPolicy

**What this PR does / why we need it**:
Add EgressRule to NetworkPolicy

**Which issue this PR fixes**: fixes #50453

**Special notes for your reviewer**:
- Please take a look at the comments for the various types. I tried to mimic some of the language used in the Ingress comments, but I may have mangled some sentences.
- Let me know if I should add some test cases for validation. I have 2-3, and did not think it was necessary to replicate each case already covered in ingress.

**Release note**:
```
Add egress policies to NetworkPolicy
```
 2017-09-05 18:40:25 -07:00
Kubernetes Submit Queue
ee4e4a5418 Merge pull request #51186 from dixudx/fix_delete_uninitialized_resources 
Automatic merge from submit-queue (batch tested with PRs 51186, 50350, 51751, 51645, 51837)

fix bug on kubectl deleting uninitialized resources

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #51185

**Special notes for your reviewer**:
/assign @caesarxuchao @ahmetb 

**Release note**:

```release-note
fix bug on kubectl deleting uninitialized resources
```
 2017-09-05 17:29:59 -07:00
Solly Ross
b0af402475 Move Autoscaling v2{alpha1 --> beta1} 
This commit renames autoscaling/v2alpha1 to autoscaling/v2beta1.
Only the API-related code is moved in this commit.
 2017-09-05 17:49:30 -04:00
Solly Ross
580b28e2d5 Graduate metrics/v1alpha1 to v1beta1 
This commit graduates them resource metrics API from v1alpha1
to v1beta1.
 2017-09-05 16:09:50 -04:00
Christopher M. Luciano
90b139897e
Add PolicyTypes to NetworkPolicy Spec 
Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2017-09-05 12:16:19 -04:00
Gavin
0c4be04775 migration of federation test 2017-09-04 20:20:43 +08:00
Hemant Kumar
e78d433150 Implement necessary API changes 
Introduce feature gate for expanding PVs
Add a field to SC
Add new Conditions and feature tag pvc update
Add tests for size update via feature gate
register the resize admission plugin
Update golint failures
 2017-09-04 09:02:34 +02:00
Kubernetes Submit Queue
0f8febf1b4 Merge pull request #51868 from sttts/sttts-fix-client-go-build 
Automatic merge from submit-queue (batch tested with PRs 51845, 51868, 51864)

client-go: fix 'go build ./...'
 2017-09-03 21:31:58 -07:00
Kubernetes Submit Queue
0dedd13ad7 Merge pull request #51734 from soltysh/cronjobs_beta 
Automatic merge from submit-queue

Enable batch/v1beta1.CronJobs by default

This PR re-applies the cronjobs->beta back (https://github.com/kubernetes/kubernetes/pull/51720)  with the fix from @shyamjvs.

Fixes #51692

@apelisse @dchen1107 @smarterclayton ptal
@janetkuo @erictune fyi
 2017-09-03 18:22:27 -07:00
Kubernetes Submit Queue
5735d80e53 Merge pull request #51819 from cblecker/godep-license-darwin 
Automatic merge from submit-queue (batch tested with PRs 51819, 51706, 51761, 51818, 51500)

Update godep-licenses script to work on darwin

**What this PR does / why we need it**:
When reviewing #51766, noticed that the godep licenses script has slightly different output on darwin (using the BSD md5sum) and linux (using the GNU md5sum).

This adds an awk trim to ensure that the output is the same on both platforms.

**Release note**:
```release-note
NONE
```
 2017-09-03 15:00:00 -07:00
Kubernetes Submit Queue
4d42f80382 Merge pull request #50925 from staebler/server-event-rate-limiter 
Automatic merge from submit-queue (batch tested with PRs 51805, 51725, 50925, 51474, 51638)

Limit events accepted by API Server

**What this PR does / why we need it**:
This PR adds the ability to limit events processed by an API server. Limits can be set globally on a server, per-namespace, per-user, and per-source+object. This is needed to prevent badly-configured or misbehaving players from making a cluster unstable.

Please see https://github.com/kubernetes/community/pull/945.

**Release Note:**
```release-note
Adds a new alpha EventRateLimit admission control that is used to limit the number of event queries that are accepted by the API Server.
```
 2017-09-03 11:10:03 -07:00
Lucas Käldström
b00353c3e3
Build test targets for all server platforms 2017-09-03 18:13:39 +03:00
Dr. Stefan Schimanski
48cba8a44f client-go: fix 'go build ./...' 
Test-only directories seem to confuse go-build and make it fail. We do this as
a smoke test in the github publishing bot.
 2017-09-03 16:19:09 +02:00
Maciej Szulik
6962427b35
Enable batch/v1beta1.CronJobs by default 2017-09-03 11:17:33 +02:00
Kubernetes Submit Queue
5c0b265a9b Merge pull request #50497 from dixudx/kubectl-include-uninitialized 
Automatic merge from submit-queue (batch tested with PRs 51301, 50497, 50112, 48184, 50993)

Introduce new flag "--include-uninitialized" to kubectl

**What this PR does / why we need it**:

Introduce `--include-uninitialized` as a global flag to kubectl

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #49035

**Special notes for your reviewer**:
/assign @caesarxuchao @smarterclayton @ahmetb @deads2k 

**Release note**:

```release-note
Add flag "--include-uninitialized" to kubectl annotate, apply, edit-last-applied, delete, describe, edit, get, label, set. "--include-uninitialized=true" makes kubectl commands apply to uninitialized objects, which by default are ignored if the names of the objects are not provided. "--all" also makes kubectl commands apply to uninitialized objects. Please see the [initializer](https://kubernetes.io/docs/admin/extensible-admission-controllers/) doc for more details.
```
 2017-09-02 23:50:00 -07:00
Kubernetes Submit Queue
bd813ce089 Merge pull request #51058 from thockin/codegen-dbg 
Automatic merge from submit-queue (batch tested with PRs 51666, 49829, 51058, 51004, 50938)

Add debugging to the codegen process

This was useful when debugging a different problem.
 2017-09-02 22:52:06 -07:00
Kubernetes Submit Queue
dceff77669 Merge pull request #51374 from bowei/ip-alias-v2 
Automatic merge from submit-queue (batch tested with PRs 51583, 51283, 51374, 51690, 51716)

Add IPAM controller for synchronizing node pod CIDR range allocations between the cluster and the cloud (alpha feature)

```release-note
IPAM controller unifies handling of node pod CIDR range allocation.
It is intended to supersede the logic that is currently in range_allocator 
and cloud_cidr_allocator. (ALPHA FEATURE)

Note: for this change, the other allocators still exist and are the default.

It supports two modes:
* CIDR range allocations done within the cluster that are then propagated out to the cloud provider.
* Cloud provider managed IPAM that is then reflected into the cluster.
```

Fixes https://github.com/kubernetes/kubernetes/issues/51826
 2017-09-02 20:35:24 -07:00
Kubernetes Submit Queue
a3aac42b9a Merge pull request #51636 from deads2k/cli-01-reconcile 
Automatic merge from submit-queue (batch tested with PRs 50832, 51119, 51636, 48921, 51712)

add reconcile command to kubectl auth

This pull exposes the RBAC reconcile commands through `kubectl auth reconcile -f FILE`.  When passed a file which contains RBAC roles, rolebindings, clusterroles, or clusterrolebindings, it will compute covers and add the missing rules.

The logic required to properly "apply" rbac permissions is more complicated that a json merge since you have to compute logical covers operations between rule sets.  This means that we cannot use `kubectl apply` to update rbac roles without risking breaking old clients (like controllers).

To solve this problem, RBAC created reconcile functions to use during startup for "stock" roles.  We want to offer this power to users who are running their own controllers and extension servers.

This is an intersection between @kubernetes/sig-auth-misc and @kubernetes/sig-cli-misc
 2017-09-02 19:26:25 -07:00
Kubernetes Submit Queue
d375e1595f Merge pull request #50920 from DirectXMan12/versions/custom-metrics-v2beta1 
Automatic merge from submit-queue (batch tested with PRs 51335, 51364, 51130, 48075, 50920)

Graduate custom metrics API to v1beta1

This graduates custom-metrics.metrics.k8s.io/v1alpha1 to custom-metrics.metrics.k8s.io/v1beta1.  The move is more-or-less just a straightforward rename.

Part of kubernetes/features#117 and kubernetes/features#118

```release-note
the custom metrics API (custom-metrics.metrics.k8s.io) has moved from v1alpha1 to v1beta1
```
 2017-09-02 18:18:57 -07:00
Kubernetes Submit Queue
d42014e638 Merge pull request #51364 from apelisse/openapi-change-default 
Automatic merge from submit-queue (batch tested with PRs 51335, 51364, 51130, 48075, 50920)

Change default validation to openapi

**What this PR does / why we need it**:
And also update the test to match the new error string.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes https://github.com/kubernetes/kubectl/issues/49

**Special notes for your reviewer**:

**Release note**:
```release-note
Performs validation (when applying for example) against OpenAPI schema rather than Swagger 1.0.
```
 2017-09-02 18:18:48 -07:00
Kubernetes Submit Queue
da7ee10913 Merge pull request #49457 from mkumatag/tests_multiarch 
Automatic merge from submit-queue

Use the right image for the right platform in the e2e tests

**What this PR does / why we need it**:
This PR is for enabling kubernetes tests for multi architecture platform
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #38067

**Special notes for your reviewer**:
This will enable conformance tests for all the supported architectures.
**Release note**:

```release-note
Make all e2e tests lookup image to use from a centralized place. In that centralized place, add support for multiple platforms.
```

x-ref #38067
 2017-09-02 15:18:10 -07:00
Christoph Blecker
fa7db1387b
Update godep-licenses script to work on darwin 
This change ensures that the BSD (darwin) and GNU (linux) versions of the md5sum util have the same output.
 2017-09-01 13:55:16 -07:00
Bowei Du
428b8a4132 (ALPHA GCP FEATURE) Add IPAM controller 
IPAM controller unifies handling of node pod CIDR range allocation.  It
is intended to supersede the logic that is currently in range_allocator
and cloud_cidr_allocator.

Note: for this change, the other allocators still exist and are the
default.

It supports two modes:
* CIDR range allocations done within the cluster that are then
propagated out to the cloud provider.
* Cloud provider managed IPAM that is then reflected into the cluster.
 2017-09-01 12:58:40 -07:00
Solly Ross
89a56a3cee Move HPA to use custom-metrics/v1beta1 
This commit migrates the HPA metrics clients to use the beta version of
the custom metrics API.
 2017-09-01 15:08:31 -04:00
staebler
a4542ae528 Create an EventRateLimit admission control plug-in for the API Server. 
The EventRateLimit plug-in limits the number of events that the API Server
will accept in a given time period. It allows for server-wide, per-namespace,
per-user,and per-source+object rate limiting.
 2017-09-01 13:38:03 -04:00
Antoine Pelisse
9287eb0c3e Change default validation to openapi 
And also update the test to match the new error string.
 2017-09-01 08:44:36 -07:00
Di Xu
d80ff0f60c test fix 2017-09-01 15:05:00 +08:00
Tim Hockin
5728b1970a Use json-iterator for JSON, kill off codecgen 2017-08-31 23:30:45 -07:00
Di Xu
5e120cfc68 add tests 2017-09-01 10:46:13 +08:00
Manjunath A Kumatagi
22c3a590d1 Fix bazel 2017-09-01 05:39:00 +05:30
Antoine Pelisse
d7eec6b51d Revert "Enable batch/v1beta1.CronJobs by default" 2017-08-31 09:54:16 -07:00
Di Xu
8a6a25f5f0 add tests 2017-08-31 16:31:02 +08:00
tcharding
66f6d283e0 Remove plugins entry from hack/.golint_failures 2017-08-31 15:30:27 +10:00
Kubernetes Submit Queue
ffcd6d1dce Merge pull request #51465 from soltysh/cronjob_beta 
Automatic merge from submit-queue (batch tested with PRs 50775, 51397, 51168, 51465, 51536)

Enable batch/v1beta1.CronJobs by default

This PR moves to CronJobs beta entirely, enabling `batch/v1beta1` by default.

Related issue: #41039 

@erictune @janetkuo ptal

```release-note
Promote CronJobs to batch/v1beta1.
```
 2017-08-30 15:14:32 -07:00
David Eads
aa637502e0 add reconcile command to kubectl auth 2017-08-30 16:04:00 -04:00
Kubernetes Submit Queue
834e474a19 Merge pull request #51439 from liggitt/list-features 
Automatic merge from submit-queue (batch tested with PRs 51439, 51361, 51140, 51539, 51585)

Fix list-features script
 2017-08-30 03:59:27 -07:00
Kubernetes Submit Queue
04bc4ec716 Merge pull request #50398 from pci/gcloud-compute-list 
Automatic merge from submit-queue (batch tested with PRs 47054, 50398, 51541, 51535, 51545)

Switch away from gcloud deprecated flags in compute resource listings

**What is fixed**

Remove deprecated `gcloud compute` flags, see linked issue.

**Which issue this PR fixes**:

fixes #49673 

**Special notes for your reviewer**:

The change in `gcloudComputeResourceList` in `test/e2e/framework/ingress_utils.go` isn't strictly needed as currently no affected resources are called on within that file, however the function has the _potential_ to access affected resources so I covered it as well. Happy to change if deemed unnecessary.

**Release note**:

```release-note
NONE
```
 2017-08-30 01:51:29 -07:00
Kubernetes Submit Queue
4d5fc46536 Merge pull request #50998 from zjj2wry/set-env 
Automatic merge from submit-queue (batch tested with PRs 51377, 46580, 50998, 51466, 49749)

feat(#21648 )Add kubectl set env command.

**What this PR does / why we need it**:
#21648
Moved from OpenShift to Kubenetes.
@kargakis @smarterclayton 

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-08-29 22:57:06 -07:00
Philip Ingrey
697f92a5d2
Switch away from gcloud deprecated flags in compute resource listings 2017-08-30 06:41:09 +01:00
Nikhita Raghunath
6ba1523a8e Add feature gate for CustomResourceValidation 
update feature gates for generic apiserver

Add apiextensions-apiserver features to golint_failures

Ignore alpha feature if gate is disabled
 2017-08-29 21:35:12 +05:30
Kubernetes Submit Queue
80ea31fcbf Merge pull request #50296 from mengqiy/addApplyTestForReplacekeys 
Automatic merge from submit-queue (batch tested with PRs 50919, 51410, 50099, 51300, 50296)

Add `retainKeys` to patchStrategy for v1 Volumes and extentions/v1beta1 DeploymentStrategy

Add `retainKeys` to patchStrategy for v1 Volumes and extentions/v1beta1 DeploymentStrategy.

With the new value in `patchStrategy`, the patch will include an optional directive that will tell the apiserver to clear defaulted fields and update. This will resolve issue like https://github.com/kubernetes/kubernetes/issues/34292#issue-181572469 and similar issue caused by defaulting in volume.

The change is [backward compatible](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/add-new-patchStrategy-to-clear-fields-not-present-in-patch.md#version-skew).

The proposal for this new patch strategy is in https://github.com/kubernetes/community/blob/master/contributors/design-proposals/add-new-patchStrategy-to-clear-fields-not-present-in-patch.md

The implementation to support the new patch strategy's logic is in #44597 and has been merged in 1.7.

```release-note
Add `retainKeys` to patchStrategy for v1 Volumes and extentions/v1beta1 DeploymentStrategy.
```

/assign @apelisse 
/assign @janetkuo for deployment change
/assign @saad-ali for volume change
 2017-08-29 03:20:10 -07:00
Kubernetes Submit Queue
c27cdb11a9 Merge pull request #50932 from yguo0905/stats-cadvisor 
Automatic merge from submit-queue (batch tested with PRs 50932, 49610, 51312, 51415, 50705)

Implement StatsProvider interface using cadvisor

Ref: https://github.com/kubernetes/kubernetes/issues/46984

- This PR changes the `StatsProvider` interface in `pkg/kubelet/server/stats` so that it can provide container stats from either cadvisor or CRI, and the summary API can consume the stats without knowing how they are provided.
- The `StatsProvider` struct in the newly added package `pkg/kubelet/stats` implements part of the `StatsProvider` interface in `pkg/kubelet/server/stats`.
- In `pkg/kubelet/stats`,
    - `stats_provider.go`: implements the node level stats and provides the entry point for this package.
    - `cadvisor_stats_provider.go`: implements the container level stats using cadvisor.
    - `cri_stats_provider.go`: implements the container level stats using CRI.
    - `helper.go`: utility functions shared by the above three components.
- There should be no user visible behaviors change in this PR.
- A follow up PR will implement the StatsProvider interface using CRI.

**Release note**:
```
None
```

/assign @yujuhong 
/assign @WIZARD-CXY
 2017-08-29 01:17:29 -07:00
Maciej Szulik
2de214b044
Enable batch/v1beta1.CronJobs by default 2017-08-29 09:31:39 +02:00
Kubernetes Submit Queue
c071a77156 Merge pull request #50717 from cblecker/git-util-func 
Automatic merge from submit-queue

Fix rsync issue when maintaining data containers

**What this PR does / why we need it**:
When we stopped syncing the full .git dir into the container and created a dummy git tree, an issue arose if you're maintaining a data dir volume. The git tree created in the container wouldn't be updated if we make more commits and sync them in, and would cause a dirty tree.

This PR changes the rsync flags so that "H" filtered files are hidden from rsync on the source side, and if they exist on the destination side, they will be deleted.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes a bug introduced in #50417

**Special notes for your reviewer**:
/assign @sttts @dims @ixdy

**Release note**:

```release-note
NONE
```
 2017-08-28 22:07:01 -07:00
ymqytw
838c47ee10 add apply test for retainKeys 2017-08-28 16:37:23 -07:00
Jordan Liggitt
e4b4001474
Fix list-features script 
Find features in nested test directories and run on OS X as well as linux
 2017-08-27 22:20:04 -04:00
zhengjiajin
f441de6be8 Add bash test for kubectl scale --selector and --all 2017-08-27 15:42:20 +08:00
Derek Carr
17c3b1ff56 hack/local-up-cluster.sh defaults to allow swap 2017-08-26 01:04:08 -04:00
Christoph Blecker
68232c328f
Create kube::util::create-fake-git-tree function 2017-08-25 16:51:51 -07:00
Tim Hockin
e73b27cbce Add debugging to the codegen process 2017-08-25 14:08:42 -07:00
Kubernetes Submit Queue
cfbd97c4f9 Merge pull request #51134 from stevekuznetsov/skuznets/verbose-bazel-error 
Automatic merge from submit-queue

Don't silence `go get` during verify scripts

When the verify scripts fail to install a component using `go get`
today, they silence output go `stderr` and cause the user to not get any
actionable feedback on failure.

Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>

```release-note
NONE
```

/assign @ixdy
 2017-08-25 13:59:51 -07:00
Yang Guo
f9767d2f71 Change StatsProvider interface to provide container stats from either cadvisor or CRI and implement this interface using cadvisor 2017-08-25 13:11:26 -07:00
Kubernetes Submit Queue
acdf625e46 Merge pull request #51143 from oomichi/issue/43051 
Automatic merge from submit-queue (batch tested with PRs 51038, 50063, 51257, 47171, 51143)

Add signal handler for catching Ctrl-C on hack/e2e

**What this PR does / why we need it**:

When operating e2e test, hack/e2e.go process creates kubetest process.
To kill the kubetest process when stop e2e test with Ctrl-C, we need
to send the signal to the process because it also creates another
process and it needs to kill it.
This PR adds the signal handler on hack/e2e.go to kill the kubetest
process.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

fixes #43051

**Special notes for your reviewer**:

https://github.com/kubernetes/test-infra/pull/4154 is the part of kubetest.

**Release note**:

`NONE`
 2017-08-25 12:31:10 -07:00
Kubernetes Submit Queue
c19785cfea Merge pull request #49674 from crimsonfaith91/rollout 
Automatic merge from submit-queue (batch tested with PRs 50033, 49988, 51132, 49674, 51207)

StatefulSet kubectl rollout command

**What this PR does / why we need it**: This PR implements StatefulSet kubectl rollout command, covering `history`, `status`, and `undo`.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #49890 

**Special notes for your reviewer**:

**Release note**:

```release-note
kubectl rollout `history`, `status`, and `undo` subcommands now support StatefulSets.
```
 2017-08-25 11:07:15 -07:00
Kubernetes Submit Queue
f4f2137b90 Merge pull request #46986 from mbohlool/doc 
Automatic merge from submit-queue (batch tested with PRs 46986, 51214, 51169, 50155, 51261)

Add OpenAPI README file

Add a README.md file to OpenAPI folder explaining extensions we have on OpenAPI spec.

ref: #0
 2017-08-25 07:58:03 -07:00
Kubernetes Submit Queue
4a4c194bbd Merge pull request #51024 from fisherxu/UTautoscaler 
Automatic merge from submit-queue (batch tested with PRs 51114, 51233, 51024, 51053, 51197)

add UT for pkg/apis/autoscaling/v2alpha1/defaults.go

**What this PR does / why we need it**:
add UT for pkg/apis/autoscaling/v2alpha1/defaults.go

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
None
```
 2017-08-25 06:22:14 -07:00
zhengjiajin
04be0131d0 Add bash test for kubectl set env command 2017-08-25 20:37:46 +08:00
crimsonfaith91
ebdbafd2c5 statefulSet kubectl rollout command 2017-08-24 16:43:03 -07:00
Jeff Grafton
795d09a800 Always create vendor/BUILD in hack/update-bazel.sh 2017-08-24 14:05:57 -07:00
Kubernetes Submit Queue
1f580ae898 Merge pull request #51219 from ixdy/bump-repo-infra 
Automatic merge from submit-queue

Bump repo-infra dependency to fix go_genrule without sandboxing

**What this PR does / why we need it**: pulls in https://github.com/kubernetes/repo-infra/pull/35, which fixes the bazel build when sandboxing is not available.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #49569 

**Release note**:

```release-note
NONE
```

/assign @spxtr @mikedanese @BenTheElder
 2017-08-24 13:56:35 -07:00
Kubernetes Submit Queue
05e7f6d073 Merge pull request #50948 from mengqiy/add_junit_location 
Automatic merge from submit-queue

output junit report dir in cmd test

Output junit report dir for easier debug locally, otherwise people need to dive into the code to find the junit report dir. This will save people's time.

```release-note
None
```
 2017-08-24 12:25:24 -07:00
Ken'ichi Ohmichi
122d881c01 Add signal handler for catching Ctrl-C on hack/e2e 
When operating e2e test, hack/e2e.go process creates kubetest process.
To kill the kubetest process when stop e2e test with Ctrl-C, we need
to send the signal to the process because it also creates another
process and it needs to kill it.
This PR adds the signal handler on hack/e2e.go to kill the kubetest
process.

NOTE: https://github.com/kubernetes/test-infra/pull/4154 is the part
      of kubetest.

solve #43051
 2017-08-23 16:05:46 -07:00
Jeff Grafton
671cd2bc6b Bump repo-infra dependency to fix go_genrule without sandboxing 2017-08-23 13:11:03 -07:00
ymqytw
4dba473190 output junit dir for easier debug 2017-08-23 11:29:52 -07:00
Kubernetes Submit Queue
172f05bc53 Merge pull request #46902 from thockin/remove-obsolete-bins 
Automatic merge from submit-queue (batch tested with PRs 50980, 46902, 51051, 51062, 51020)

Remove seemingly obsolete binaries

It's hard to tell if these are safe to remove.  Let CI tell me.
 2017-08-22 23:13:59 -07:00
Kubernetes Submit Queue
d5ab597eb3 Merge pull request #49935 from xiangpengzhao/remove-dep-alias 
Automatic merge from submit-queue (batch tested with PRs 50806, 48789, 49922, 49935, 50438)

Remove deprecated kubectl command aliases

**What this PR does / why we need it**:
These command aliases have been deprecated for more than two years. It's time to remove them.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
ref: #8319 #6118 #8596

**Special notes for your reviewer**:
/sig cli

**Release note**:

```release-note
Remove deprecated kubectl command aliases `apiversions, clusterinfo, resize, rollingupdate, run-container, update`
```
 2017-08-22 19:45:34 -07:00
Steve Kuznetsov
86a5bd6c19
Don't silence go get during verify scripts 
When the verify scripts fail to install a component using `go get`
today, they silence output go `stderr` and cause the user to not get any
actionable feedback on failure.

Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
 2017-08-22 11:21:22 -07:00
fisherxu
28880ee0eb add UT for pkg/apis/autoscaling/v2alpha1/defaults.go 2017-08-22 19:34:30 +08:00
Tim Hockin
1f07bc7914 Message cleanup on update-all 2017-08-21 15:54:00 -07:00
Tim Hockin
831fd242e8 Remove seemingly obsolete binaries 2017-08-18 21:01:19 -07:00
guangxuli
43ea56a058 migrate sig-ui e2e test 
rebase
 2017-08-19 01:04:52 +08:00
Kubernetes Submit Queue
d543a7c7ce Merge pull request #50765 from sttts/sttts-kube-gen-rename 
Automatic merge from submit-queue

Rename k8s.io/{kube-gen -> code-generator}
 2017-08-18 01:06:45 -07:00
Kubernetes Submit Queue
89abb48f7e Merge pull request #50823 from zjj2wry/set-image 
Automatic merge from submit-queue (batch tested with PRs 50277, 50823, 50376, 50867)

fix issue(#50821)Add image check, if image not changed, transform false

**What this PR does / why we need it**:
closes #50821 
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-08-17 22:24:23 -07:00
zhengjiajin
a8c68d9211 add cmd test kubectl set image 2017-08-18 09:39:07 +08:00
Kubernetes Submit Queue
ee4cc08de9 Merge pull request #50563 from alindeman/sudo-mkdir-var-lib-kubelet 
Automatic merge from submit-queue (batch tested with PRs 50563, 50698, 50796)

Creates /var/lib/kubelet as root

**What this PR does / why we need it**: `hack/local-cluster-up.sh` does not currently use sudo to create `/var/lib/kubelet`, so it fails unless the entire script is run with sudo.

**Release note**:

```release-note
NONE
```
 2017-08-17 12:18:26 -07:00
Dr. Stefan Schimanski
e3a3d108fb Fixup after k8s.io/{kube-gen -> code-generator} rename 2017-08-17 17:55:12 +02:00
Kubernetes Submit Queue
8dea17d99b Merge pull request #50731 from guangxuli/fix_e2e_test_sig_prefix 
Automatic merge from submit-queue

Migrate sig-apimachinery and sig-servicecatalog e2e tests

**What this PR does / why we need it**:
Migrate sig-apimachinery and sig-servicecatalog e2e tests

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

Ref Umbrella issue #49161
1. Move generated_clientset.go to sig-apimachinary
2. Move podpreset.go to sig-servicecatalog by creating new directory.

**Special notes for your reviewer**:

**Release note**:

none

/cc @liggitt
 2017-08-17 07:06:23 -07:00
Kubernetes Submit Queue
90fad2d111 Merge pull request #50804 from ixdy/bump-repo-infra 
Automatic merge from submit-queue (batch tested with PRs 49869, 47987, 50211, 50804, 50583)

Bump repo-infra/kazel dependency

**What this PR does / why we need it**: `kazel` shouldn't be looking under skipped paths (like `_output`) for openapi files. This was fixed in https://github.com/kubernetes/repo-infra/pull/32 and now should be included here.

I've tested locally that this now ignores everything under `_output`.

**Release note**:

```release-note
NONE
```

/assign @mikedanese @spxtr
 2017-08-17 01:32:23 -07:00
Kubernetes Submit Queue
ccc40f49ee Merge pull request #49342 from RenaudWasTaken/protobufapionly 
Automatic merge from submit-queue (batch tested with PRs 49342, 50581, 50777)

Device Plugin Protobuf API

**What this PR does / why we need it:**
This implements the Device Plugin API

- Design document: kubernetes/community#695
- PR tracking: [kubernetes/features#368](https://github.com/kubernetes/features/issues/368#issuecomment-321625420)

Special notes for your reviewer:

First proposal submitted to the community repo, please advise if something's not right with the format or procedure, etc.
@vishh @derekwaynecarr

**Release note:**
```
NONE
```
 2017-08-16 23:08:08 -07:00
Jeffrey Regan
dbc22ad6fd Remove kubectl's dependence on schema file in pkg/api/validation. 
**What this PR does / why we need it**:

Makes functions in validation/schema.go private to kubectl,
further isolating kubectl.

**Which issue this PR fixes**

Part of a series of PRs to address kubernetes/community#598

**Release note**:
```release-note
NONE
```
 2017-08-16 16:38:28 -07:00
Kubernetes Submit Queue
4032896ef1 Merge pull request #41901 from soltysh/cronjobs_beta 
Automatic merge from submit-queue

Promote CronJobs to batch/v1beta1 - just the API

This PR promotes CronJobs to beta.

@erictune @kubernetes/sig-apps-api-reviews @kubernetes/api-approvers ptal

This builds on top of #41890 and needs #40932 as well

```release-note
Promote CronJobs to batch/v1beta1.
```
 2017-08-16 15:59:46 -07:00
Jeff Grafton
eab549a678 Bump repo-infra/kazel dependency 2017-08-16 14:31:45 -07:00
Kubernetes Submit Queue
49bee177b2 Merge pull request #49115 from CaoShuFeng/audit_beta 
Automatic merge from submit-queue (batch tested with PRs 49115, 47480)

Upgrade advanced audit to version v1beta1

This change does nothing but only upgrades advanced audit to version v1beta1.
There will be following up changes which does real effect to advanced audit feature.

After this change audit policy file should contain apiVersion and kind and has such format:
```
apiVersion: audit.k8s.io/v1alpha1
kind: Policy
rules:
  - level: None
```
or use the v1beta1 policy:
```
apiVersion: audit.k8s.io/v1beta1
kind: Policy
rules:
  - level: None
```
Updates #48561

**Release note**:

```
Upgrade advanced audit to version v1beta1.
```
 2017-08-16 06:27:25 -07:00
Kubernetes Submit Queue
7acff7e180 Merge pull request #50558 from xiangpengzhao/remove-pkg 
Automatic merge from submit-queue (batch tested with PRs 50589, 50558)

Remove packages which aren't relied on by heapster anymore.

**What this PR does / why we need it**:
Do the TODO:
```
// TODO apimachinery remove this empty package.  Godep fails without this because heapster relies
// on this package.  This will allow us to start splitting packages, but will force
// heapster to update on their next kube rebase.
```

These packages aren't relied on by heapster anymore. This PR removes them. This is a followup of #48410.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
ref: #48386 #48410

**Special notes for your reviewer**:
/cc @deads2k 
/kind cleanup

**Release note**:

```release-note
NONE
```
 2017-08-16 04:29:22 -07:00
Cao Shufeng
f4e8b8f146 upgrade advanced audit to v1beta1 2017-08-16 18:59:49 +08:00
Maciej Szulik
43b8715d82
Promote CronJobs to batch/v1beta1 2017-08-16 08:42:21 +02:00
Gavin
fc453826c7 move some e2e tests to SIG respectively 
fix typo

include the servicecatalog package

add framework file

update golint failures
 2017-08-16 14:34:50 +08:00
Dr. Stefan Schimanski
f763fdc3c1 Make kube::util::ensure_clean_working_dir more verbose in log files 2017-08-16 08:31:07 +02:00
Renaud Gaubert
4971cbfe14 Added script to verify the generated Device Plugin API 
Signed-off-by: Renaud Gaubert <rgaubert@nvidia.com>
 2017-08-15 14:59:42 -07:00
Renaud Gaubert
e6a210ca1b Added script to generate the Device Plugin API 
Signed-off-by: Renaud Gaubert <rgaubert@nvidia.com>
 2017-08-15 14:59:42 -07:00
Renaud Gaubert
c440246966 Added Device plugin API 
Signed-off-by: Renaud Gaubert <rgaubert@nvidia.com>
 2017-08-15 14:59:42 -07:00
Michael Taufen
24bab4c20f move KubeletConfiguration out of componentconfig API group 2017-08-15 08:12:42 -07:00
Dr. Stefan Schimanski
b0b5de6eaf Port internal extensions/Network* to networking.k8s.io API group 2017-08-15 11:56:46 +02:00
Kubernetes Submit Queue
a12cf94432 Merge pull request #50500 from shiywang/sortby 
Automatic merge from submit-queue (batch tested with PRs 50302, 50573, 50500, 50633, 50617)

add cmd-test for sort-by command

this follow up : https://github.com/kubernetes/kubernetes/pull/48659
/assign @pwittrock 
as your suggestion, cmd-test added, ptal

```release-note
NONE
```
 2017-08-14 20:42:20 -07:00
Kubernetes Submit Queue
ef9e3ecbfc Merge pull request #50417 from dims/avoid-rsync-dot-git-directory 
Automatic merge from submit-queue (batch tested with PRs 49129, 50436, 50417, 50553, 47587)

Avoid rsync of .git directory

**What this PR does / why we need it**:

We don't really need the .git directory to be transferred. This
problem was introduced in the PR #46193:
"Run the update-staging-godeps script inside a docker container"


**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:
Fixes #50272

**Release note**:

```release-note
NONE
```
 2017-08-14 19:49:00 -07:00
Andy Lindeman
60e4912bdf
Creates /var/lib/kubelet as root 
Fixes:
```
mkdir: cannot create directory ‘/var/lib/kubelet’: Permission denied
```
 2017-08-14 21:45:48 +00:00
ymqytw
7500b55ce4 move retry to client-go 2017-08-14 14:16:26 -07:00
Kubernetes Submit Queue
a4996c99d4 Merge pull request #50214 from andrewrynhard/refactor_addons 
Automatic merge from submit-queue (batch tested with PRs 49904, 50484, 50214)

Refactor addons into multiple packages

**What this PR does / why we need it**:
https://github.com/kubernetes/kubeadm/issues/348

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
https://github.com/kubernetes/kubeadm/issues/348
 2017-08-14 13:09:59 -07:00
Kubernetes Submit Queue
533fba78f7 Merge pull request #49904 from oomichi/fix-indent 
Automatic merge from submit-queue

Fix indent of ginkgo-e2e.sh

**What this PR does / why we need it**:

The condition of GINKGO_UNTIL_IT_FAILS didn't contain a valid indent.
So this PR fixes it for readable code.
 2017-08-14 12:36:31 -07:00
Kubernetes Submit Queue
f51daaf03c Merge pull request #50593 from CaoShuFeng/underscore 
Automatic merge from submit-queue (batch tested with PRs 50094, 48966, 49478, 50593, 49140)

some small fix in verify-flags-underscore

1. exceptions.txt and known-flags.txt are deleted, remove them from
code too.
2. remove some duplicated flags from excluded-flags.txt

**Release note**:

```
NONE
```
 2017-08-14 12:15:02 -07:00
Andrew Rynhard
967a5bb4f1 Remove package from hack/.golint_failures 2017-08-14 10:21:31 -07:00
Jacob Simpson
cd57f1c869 Migrate sig-auth e2e tests. 
**What this PR does / why we need it:** This PR adds [sig-auth] prefix to
workload e2e tests in accord to requirements of adding a SIG dashboard
to testgrid. Refer PR #48781 for guidelines.
 2017-08-14 09:39:54 -07:00
Cao Shufeng
ef3f1b933a some small fix in verify-flags-underscore 
1. exceptions.txt and known-flags.txt are deleted, remove them from
code too.
2. remove some duplicated flags from excluded-flags.txt
 2017-08-14 14:55:42 +08:00
Davanum Srinivas
827af63e72 Avoid rsync of .git directory 
We don't really need the .git directory to be transferred. This
problem was introduced in the PR:
"Run the update-staging-godeps script inside a docker container"

Fixes #50272
 2017-08-12 20:52:49 -04:00
xiangpengzhao
e590ec7058 Remove packages which aren't relied on by heapster anymore. 2017-08-12 23:50:22 +08:00
Jeff Grafton
a7f49c906d Use buildozer to delete licenses() rules except under third_party/ 2017-08-11 09:32:39 -07:00
Jeff Grafton
33276f06be Use buildozer to remove deprecated automanaged tags 2017-08-11 09:31:50 -07:00
Jeff Grafton
cf55f9ed45 Autogenerate BUILD files 2017-08-11 09:30:23 -07:00
Jeff Grafton
cce84c3e19 Use gazelle and kazel together to manage BUILD files 2017-08-11 09:30:23 -07:00
Shiyang Wang
1010916c1a add cmd-test for sort-by command 2017-08-11 15:53:31 +08:00
Kubernetes Submit Queue
7adb675003 Merge pull request #50269 from stevekuznetsov/skuznets/import-restrictions 
Automatic merge from submit-queue

Rewrite staging import verifier in Go

Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>

**What this PR does / why we need it**:

Maintaining Bash is nobody's idea of fun. The declarative config is infinitely easier to read, as well.

**Special notes for your reviewer**:

@sttts still trying to figure out the rules you have encoded in the shell script... very confusing. Please review the `kube-gen` specifically.

**Release note**:
```release-note
NONE
```
 2017-08-11 00:37:13 -07:00
Kubernetes Submit Queue
85e2e5dd9a Merge pull request #49642 from liggitt/rbac-v1 
Automatic merge from submit-queue (batch tested with PRs 49642, 50335, 50390, 49283, 46582)

Add rbac.authorization.k8s.io/v1

xref https://github.com/kubernetes/features/issues/2

Promotes the rbac.authorization.k8s.io/v1beta1 API to v1 with no changes

```release-note
The `rbac.authorization.k8s.io/v1beta1` API has been promoted to `rbac.authorization.k8s.io/v1` with no changes.
The `rbac.authorization.k8s.io/v1alpha1` version is deprecated and will be removed in a future release.
```
 2017-08-10 00:53:17 -07:00
Kubernetes Submit Queue
b94f7eabd9 Merge pull request #50355 from shashidharatd/verify-flags 
Automatic merge from submit-queue (batch tested with PRs 49615, 49321, 49982, 49788, 50355)

Simplify hack/verify-flags-underscore.py

**What this PR does / why we need it**:
This PR removes the need for `hack/verify-flags/known-flags.txt` and verify-flags-underscore.py will always parse the flags from go files to check if they have underscore.

It is much faster compared to earlier checks and it does its job to check for underscore in flags.
Now:
```
# time ./hack/verify-flags-underscore.py 
real	0m1.638s
user	0m1.560s
sys	0m0.076s
```
Before:
```
# time ./hack/verify-flags-underscore.py 
real	0m22.585s
user	0m22.464s
sys	0m0.112s
```

It has become a pain to keep adding new flag to `known-flags.txt` whenever a new flag is introduced. with this PR this is step is not required anymore.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #40329  #50319

**Special notes for your reviewer**:

**Release note**:
```
NONE
```
/cc @fejta @mtaufen
 2017-08-09 23:56:07 -07:00
Kubernetes Submit Queue
938bc61499 Merge pull request #49982 from luxas/kubeadm_node_bootstrap_token_phase 
Automatic merge from submit-queue (batch tested with PRs 49615, 49321, 49982, 49788, 50355)

kubeadm: Move all node bootstrap token related code in one phase package

**What this PR does / why we need it**:
Part of the phases refactoring.
Moves everything Node Bootstrap Token-related into its own package.
In the future there will be a `phases/bootstraptoken/master` pkg as well.
The generic bootstrap token client functions should be moved to client go eventually https://github.com/kubernetes/client-go/issues/114

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:
I'll yet add the CLI interface for this tomorrow.
Not sure if this compiles currently, but I'm uploading this now for initial review.

**Release note**:

```release-note
NONE
```
@kubernetes/sig-cluster-lifecycle-pr-reviews @mattmoyer
 2017-08-09 23:56:03 -07:00
Kubernetes Submit Queue
4d4dd23820 Merge pull request #50418 from liggitt/target-godep 
Automatic merge from submit-queue (batch tested with PRs 50418, 49830, 49206, 49061, 49912)

Target godep script change verifications

helps with #50319

`hack/verify-godeps.sh` takes ~15 minutes of the verify job time. We should not run it if not required, especially since the job is regularly timing out at 1 hour when this check is included.

https://github.com/kubernetes/kubernetes/pull/48653 added a check to run it if *anything* under `hack` was changed. This targetes just changes to the godep scripts
 2017-08-09 22:07:12 -07:00
Lucas Käldström
cb73972224
autogenerated 2017-08-10 06:46:46 +03:00
Jordan Liggitt
125a840445
Target godep script change verifications 2017-08-09 22:34:13 -04:00
shashidharatd
37dd1219e2 Remove redundant files 2017-08-10 05:21:51 +05:30
shashidharatd
5cfc724b9e Simplify hack/verify-flags-underscore.py 2017-08-10 05:21:10 +05:30
Kubernetes Submit Queue
458cc04330 Merge pull request #46254 from mtaufen/dkcfg 
Automatic merge from submit-queue (batch tested with PRs 50016, 49583, 49930, 46254, 50337)

Alpha Dynamic Kubelet Configuration

Feature: https://github.com/kubernetes/features/issues/281

This proposal contains the alpha implementation of the Dynamic Kubelet Configuration feature proposed in ~#29459~ [community/contributors/design-proposals/dynamic-kubelet-configuration.md](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/dynamic-kubelet-configuration.md). 

Please note:
- ~The proposal doc is not yet up to date with this implementation, there are some subtle differences and some more significant ones. I will update the proposal doc to match by tomorrow afternoon.~
- ~This obviously needs more tests. I plan to write several O(soon). Since it's alpha and feature-gated, I'm decoupling this review from the review of the tests.~ I've beefed up the unit tests, though there is still plenty of testing to be done.
- ~I'm temporarily holding off on updating the generated docs, api specs, etc, for the sake of my reviewers 😄~ these files now live in a separate commit; the first commit is the one to review.

/cc @dchen1107 @vishh @bgrant0607 @thockin @derekwaynecarr 

```release-note
Adds (alpha feature) the ability to dynamically configure Kubelets by enabling the DynamicKubeletConfig feature gate, posting a ConfigMap to the API server, and setting the spec.configSource field on Node objects. See the proposal at https://github.com/kubernetes/community/blob/master/contributors/design-proposals/dynamic-kubelet-configuration.md for details.
```
 2017-08-09 14:14:32 -07:00
Kubernetes Submit Queue
82b3a80ad1 Merge pull request #49583 from irfanurrehman/fed-hpa-configTimeout 
Automatic merge from submit-queue (batch tested with PRs 50016, 49583, 49930, 46254, 50337)

[Federation] Make the hpa scale time window configurable

This PR is on top of open pr https://github.com/kubernetes/kubernetes/pull/45993.
Please review only the last commit in this PR.
This adds a config param to controller manager, the value of which gets passed to hpa adapter via sync controller.
This is needed to reduce the overall time limit of the hpa scaling window to much lesser (then the default 2 mins) to get e2e tests run faster. Please see the comment on the newly added parameter.

**Special notes for your reviewer**:
@kubernetes/sig-federation-pr-reviews 
@quinton-hoole 
@marun to please validate the mechanism used to pass a parameter from cmd line to adapter.

**Release note**:

``` 
federation-controller-manager gets a new flag --hpa-scale-forbidden-window.
This flag is used to configure the duration used by federation hpa controller to determine if it can move max and/or min replicas 
around (or not), of a cluster local hpa object, by comparing current time with the last scaled time of that cluster local hpa. 
Lower value will result in faster response to scalibility conditions achieved by cluster local hpas on local replicas, but too low 
a value can result in thrashing. Higher values will result in slower response to scalibility conditions on local replicas.
```
 2017-08-09 14:14:27 -07:00
Jordan Liggitt
dd7be70a4a
Add rbac.authorization.k8s.io/v1 2017-08-09 17:04:54 -04:00
Kubernetes Submit Queue
190ee708a6 Merge pull request #48659 from shiywang/fix-sort 
Automatic merge from submit-queue

Fix sort-by output problem

Fixes https://github.com/kubernetes/kubectl/issues/43

This bug was original introduced in pr here: https://github.com/kubernetes/kubernetes/pull/46265, I think next time if we touch something printer related package, maybe should let @smarterclayton have a review, although he is pretty busy I guess : ) and that package also changed a lot recently since he's been working on refactoring.
 
this is a quick and dirty fix, not sure if there's better way, I will add some regression test soon...

@kubernetes/sig-cli-pr-reviews 

```release-note
NONE
```

/assign @mengqiy 
/assign @smarterclayton
 2017-08-09 10:56:49 -07:00
Steve Kuznetsov
54809de387
Rewrite staging import verifier in Go 
Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
 2017-08-08 16:08:20 -07:00
Michael Taufen
443d58e40a Dynamic Kubelet Configuration 
Alpha implementation of the Dynamic Kubelet Configuration feature.
See the proposal doc in #29459.
 2017-08-08 12:21:37 -07:00
Kubernetes Submit Queue
c9d142d73d Merge pull request #49382 from bskiba/kubemark_e2e_nm 
Automatic merge from submit-queue

Add a simple cloud provider for e2e tests on kubemark

**What this PR does / why we need it**:
Adds a simplified cloud provider for kubemark. This enables us to add and
remove nodes and operate on nodegroups while running tests on kubemark.

This is needed to run scalability tests for cluster autoscaler on kubemark.
See https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/proposals/kubemark_integration.md

**Release note**:
```
NONE
```
 2017-08-08 08:50:07 -07:00
Klaus Ma
4fdb701e3c Moved node/testutil to upper dir. 2017-08-08 10:14:21 +08:00
jianhuiz
4dcdfd4aa8 add job controller 2017-08-07 11:36:45 -07:00
Kubernetes Submit Queue
47999c5803 Merge pull request #50087 from deads2k/server-39-convert 
Automatic merge from submit-queue (batch tested with PRs 50087, 39587, 50042, 50241, 49914)

convert default predicates to use the default

Builds on https://github.com/kubernetes/kubernetes/pull/50019 (lgtm'd already)

This converts the already default field selectors to use the default value.  I'll let CI point out the unit test failures for me to chase.

@kubernetes/sig-api-machinery-misc
 2017-08-07 10:58:55 -07:00
Beata Skiba
2f747f3d3c Add a simple cloud provider for e2e tests on kubemark 
This is needed for cluster autoscaler e2e test to
run on kubemark. We need the ability to add and
remove nodes and operate on nodegroups. Kubemark
does not provide this at the moment.
 2017-08-07 16:31:02 +02:00
Kubernetes Submit Queue
2d5729e227 Merge pull request #50236 from crassirostris/sig-instrumentation-e2e-last-move 
Automatic merge from submit-queue (batch tested with PRs 50091, 50231, 50238, 50236, 50243)

Move the sig-instrumentation test to a dedicated folder

Move the last remaining test to sig-instrumentation folder, also move "metrics" package to the "framework" folder

Related issue: https://github.com/kubernetes/kubernetes/issues/49161

/cc @xiangpengzhao @piosz
 2017-08-07 07:14:58 -07:00
deads2k
ec397c4374 convert default predicates to use the default 2017-08-07 09:05:17 -04:00
Kubernetes Submit Queue
7deb3b29cd Merge pull request #50141 from gmarek/verify 
Automatic merge from submit-queue (batch tested with PRs 49868, 50143, 49377, 50141, 50145)

Don't expect internal clientset to be generated for groups without ne…

…w types
 2017-08-07 04:04:59 -07:00
Mik Vyatskov
e79a228a78 Move the sig-instrumentation test to a dedicated folder 2017-08-07 10:33:03 +02:00
Irfan Ur Rehman
2be69a515c [Federation] Make the hpa scale time window configurable 2017-08-06 01:09:34 +05:30
Kubernetes Submit Queue
fae79dd4b4 Merge pull request #47181 from dims/fail-on-swap-enabled 
Automatic merge from submit-queue (batch tested with PRs 50119, 48366, 47181, 41611, 49547)

Fail on swap enabled and deprecate experimental-fail-swap-on flag

**What this PR does / why we need it**:

    * Deprecate the old experimental-fail-swap-on
    * Add a new flag fail-swap-on and set it to true

    Before this change, we would not fail when swap is on. With this
    change we fail for everyone when swap is on, unless they explicitly
    set --fail-swap-on to false.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

Fixes #34726

**Special notes for your reviewer**:

**Release note**:

```release-note
Kubelet will by default fail with swap enabled from now on. The experimental flag "--experimental-fail-swap-on" has been deprecated, please set the new "--fail-swap-on" flag to false if you wish to run with /proc/swaps on.
```
 2017-08-04 14:29:36 -07:00
gmarek
03cee68e47 Don't expect internal clientset to be generated for groups without new types 2017-08-04 12:27:32 +02:00
Dr. Stefan Schimanski
4b709e8485 kube-gen: unify update-codecgen.sh scripts 2017-08-04 08:03:15 +02:00
Dr. Stefan Schimanski
927341c6d3 verify-staging-import: ignore k8s.io/kube-gen/test 2017-08-04 08:03:15 +02:00
Dr. Stefan Schimanski
98042b77f3 kube-gen: fixup moved tests 2017-08-04 08:03:15 +02:00
Kubernetes Submit Queue
d15baf69e1 Merge pull request #48969 from ixdy/update-kazel 
Automatic merge from submit-queue (batch tested with PRs 50103, 49677, 49449, 43586, 48969)

Run kazel on the entire tree

**What this PR does / why we need it**: part of #47558: auto-generate `BUILD` files on the entire tree, since this is what `gazelle` does, and it'll make subsequent reviews easier if less is changing.

**Release note**:

```release-note
NONE
```
/assign
/release-note-none
 2017-08-03 16:43:41 -07:00
Kubernetes Submit Queue
928cf542d2 Merge pull request #49942 from xiangpengzhao/nw-e2e 
Automatic merge from submit-queue

Moves left networking e2e tests to test/e2e/network

**What this PR does / why we need it**:
#48784 forgot to move some networking e2e tests. This PR moves them.

It also move the networking tests from within `test/e2e/common/networking.go` to  `test/e2e/network/networking.go`

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Associated PR #48784
Umbrella issue #49161

**Special notes for your reviewer**:
/assign @wojtek-t @bowei 

**Release note**:

```release-note
NONE
```
 2017-08-03 08:35:36 -07:00
Dr. Stefan Schimanski
ea39971b7c Remove traces of go2idl 2017-08-03 09:33:58 +02:00
Kubernetes Submit Queue
a0fe9edd27 Merge pull request #49808 from dims/fix-dynamic-admission-control-in-local-cluster 
Automatic merge from submit-queue (batch tested with PRs 48365, 49902, 49808, 48722, 47045)

Add admission controller API to runtime config and externalize ADMISSION_CONTROL

**What this PR does / why we need it**:

Enable the dynamic admission controller registration API by
adding "admissionregistration.k8s.io/v1alpha1" to --runtime-config
to fix problems when starting up local-up-cluster. Also make sure
ADMISSION_CONTROL can be specified externally.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

Fixes #47385

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-08-02 22:32:56 -07:00
Jeff Grafton
3afeb7cd3c Fix BUILD files 2017-08-02 18:33:32 -07:00
Jeff Grafton
3579017b86 Run hack/update-bazel.sh to generate BUILD files 2017-08-02 18:33:25 -07:00
Jeff Grafton
5d4f83468e Make hack/boilerplate/test files use a more appropriate package name 2017-08-02 18:32:50 -07:00
Jeff Grafton
e2ce25da4b Update kazel to include kubernetes/repo-infra#21 2017-08-02 18:32:50 -07:00
Davanum Srinivas
71e8c8eba4 Fail on swap enabled and deprecate experimental-fail-swap-on flag 
* Deprecate the old experimental-fail-swap-on
* Add a new flag fail-swap-on and set it to true

Before this change, we would not fail when swap is on. With this
change we fail for everyone when swap is on, unless they explicitly
set --fail-swap-on to false.
 2017-08-02 16:20:01 -04:00
Christoph Blecker
be74799358
Add cblecker to hack/ approvers 2017-08-02 10:39:26 -07:00
Kubernetes Submit Queue
0f10e61241 Merge pull request #44278 from aveshagarwal/master-fix-resource-quota 
Automatic merge from submit-queue (batch tested with PRs 49990, 49997, 44278, 49936, 49891)

Move ResourceQuota plugin at the end of the admission plugin chain.

@liggitt @derekwaynecarr
 2017-08-02 10:21:46 -07:00
xiangpengzhao
8d7543415e Move left networking e2e tests to test/e2e/network 2017-08-02 23:47:10 +08:00
Kubernetes Submit Queue
dd819b5013 Merge pull request #49886 from ironcladlou/int-test-logging 
Automatic merge from submit-queue (batch tested with PRs 49992, 48861, 49267, 49356, 49886)

Set default vmodule flag in integration tests

Re-introduce a default glog vmodule flag to the integration test setup.
The default was removed in d08dfb9 because it was hard-coded and
prevented local override. This commit makes the default overridable.

```release-note
NONE
```

/cc @caesarxuchao
 2017-08-02 05:16:07 -07:00
Kubernetes Submit Queue
9067d35951 Merge pull request #48861 from mbohlool/openapi_aggr 
Automatic merge from submit-queue (batch tested with PRs 49992, 48861, 49267, 49356, 49886)

Reintegrate aggregation support for OpenAPI

Reintegrating changes of #46734

Changes summary:

- Extracted all OpenAPI specs to new repo `kube-openapi`
- Make OpenAPI spec aggregator to copy and rename any non-requal model (even with documentation change only).
- Load specs when adding APIServices and retry on failure until successful spec retrieval or a 404.
- Assumes all Specs except aggregator's Spec are static 
- A re-register of any APIService will result in updating the spec for that service (Suggestion for TPR: they should be registered to aggregator API Server, Open for discussion if any more changes needed for another PR.)

fixes #48548
 2017-08-02 05:15:57 -07:00
xiangpengzhao
d6aca27b53 Remove deprecated kubectl command aliases 2017-08-02 03:08:48 -04:00
mbohlool
10d9a475be Bugfix: verify-no-vendor-cycles.sh detects wrong cycles 2017-08-01 21:09:53 -07:00
gmarek
aad18ccfdd Add gmarek to hack/ OWNERS 2017-08-01 15:55:47 +02:00
mbohlool
400b77b48f Update main repo references to new kube-openapi repo 2017-08-01 03:37:16 -07:00
Kubernetes Submit Queue
6eea28381e Merge pull request #49720 from dhilipkumars/verifyAllFix 
Automatic merge from submit-queue (batch tested with PRs 46519, 49794, 49720, 49692, 49821)

[make verify] Display list of failed tests to the user at the end

**What this PR does / why we need it**:
Minor improvement to verify all script as it now displays list of failed tests at the end, makes it easier for fixing errors
```
$KUBE_VERIFY_GIT_BRANCH=someBranch hack/make-rules/verify.sh -v -Q
.
.
.
========================
FAILED TESTS
========================
hack/make-rules/../../hack/verify-boilerplate.sh
hack/make-rules/../../hack/verify-godep-licenses.sh
hack/make-rules/../../hack/verify-readonly-packages.sh
```

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #49845

**Special notes for your reviewer**:

**Release note**:

```release-note
None
```
 2017-08-01 03:04:44 -07:00
Ken'ichi Ohmichi
c39e231c29 Fix indent of ginkgo-e2e.sh 
The condition of GINKGO_UNTIL_IT_FAILS didn't contain a valid indent.
So this PR fixes it for readable code.
 2017-07-31 15:10:56 -07:00
Kubernetes Submit Queue
11f8047735 Merge pull request #49729 from LihuaWu/feature-zjt 
Automatic merge from submit-queue

fix hack/local-up-cluster.sh apiserver not listening bug

**What this PR does / why we need it**:
This PR fix a potential bug int hack/local-up-cluster.sh and it helps developers to build local cluster properly

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
fix #49728 

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-07-31 13:30:45 -07:00
Dan Mace
a98801c100 Set default vmodule flag in integration tests 
Re-introduce a default glog vmodule flag to the integration test setup.
The default was removed in d08dfb9 because it was hard-coded and
prevented local override. This commit makes the default overridable.
 2017-07-31 14:06:46 -04:00
Kubernetes Submit Queue
a1c0510d00 Merge pull request #49812 from liggitt/local-up-node-authorizer 
Automatic merge from submit-queue

Enable node authorizer in local-up-cluster

Fixes #49822 

Enables the Node authorization mode to ensure the kubelet credential we create has permission to do kubelet-related things. Matches the default authorizers in gce/gke and CI clusters.

Related to the deprecation of the automatic binding of the `system:nodes` group to the `system:node` role on new deployments (https://github.com/kubernetes/kubernetes/pull/49638)

```release-note
`hack/local-up-cluster.sh` now enables the Node authorizer by default. Authorization modes can be overridden with the `AUTHORIZATION_MODE` environment variable, and the `ENABLE_RBAC` environment variable is no longer used.
```
 2017-07-31 08:44:59 -07:00
wulihua
e0fefbee9c Fix issue: https://github.com/kubernetes/kubernetes/issues/49728 
Let user choose ADVERTISE_ADDRESS in case the apiserver heuristic
 for the external address is broken
 2017-07-31 21:36:31 +08:00
Kubernetes Submit Queue
7be28a15cc Merge pull request #47665 from ironcladlou/gc-poll-types 
Automatic merge from submit-queue (batch tested with PRs 49538, 49708, 47665, 49750, 49528)

Enable garbage collection of custom resources

Enhance the garbage collector to periodically refresh the resources it monitors (via discovery) to enable custom resource definition GC (addressing #44507 and reverting #47432).

This is a replacement for #46000.

/cc @lavalamp @deads2k @sttts @caesarxuchao 

/ref https://github.com/kubernetes/kubernetes/pull/48065

```release-note
The garbage collector now supports custom APIs added via CustomeResourceDefinition or aggregated apiservers. Note that the garbage collector controller refreshes periodically, so there is a latency between when the API is added and when the garbage collector starts to manage it.
```
 2017-07-29 05:28:53 -07:00
Kubernetes Submit Queue
ba8b26d47a Merge pull request #49708 from mborsz/regional 
Automatic merge from submit-queue (batch tested with PRs 49538, 49708, 47665, 49750, 49528)

Add a support for GKE regional clusters in e2e tests.

**What this PR does / why we need it**:
Add a support for GKE regional clusters in e2e tests.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:
```release-note
NONE
```
 2017-07-29 05:28:51 -07:00
Kubernetes Submit Queue
9dc3a661d7 Merge pull request #49681 from mikedanese/kubelet-csr 
Automatic merge from submit-queue (batch tested with PRs 49581, 49652, 49681, 49688, 44655)

kubeadm: use kubelet bootstrap instead of reimplementing

@kubernetes/sig-cluster-lifecycle-api-reviews
 2017-07-28 13:45:48 -07:00
Kubernetes Submit Queue
a4dd65c7e9 Merge pull request #49581 from spiffxp/sig-testing-owners-aliases 
Automatic merge from submit-queue (batch tested with PRs 49581, 49652, 49681, 49688, 44655)

Add sig-testing OWNERS_ALIASES

/sig testing

**What this PR does / why we need it**: 

follow the sig-foo-{reviewers,approvers} convention
- rename test-infra-maintainers to sig-testing-approvers
- copy sig-testing-approvers to sig-testing-reviewers
- remove inviduals in test/OWNERS in favor of new aliases

as a result
- rmmh gets test/ approver privileges
- spiffxp gets hack/jenkins/ approver privileges

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #49580

**Special notes for your reviewer**:

**Release note**:
```release-note
NONE
```
 2017-07-28 13:45:43 -07:00
Jordan Liggitt
33a3a7c730
Enable node authorizer in local-up-cluster 2017-07-28 14:59:41 -04:00
Davanum Srinivas
13558335bd Add admission controller API to config and externalize ADMISSION_CONTROL 
Enable the dynamic admission controller registration API by
adding "admissionregistration.k8s.io/v1alpha1" to --runtime-config
to fix problems when starting up local-up-cluster. Also make sure
ADMISSION_CONTROL can be specified externally.

Fixes 47385
 2017-07-28 14:12:50 -04:00
Dan Mace
d08dfb92c7 Enable garbage collection of custom resources 
Enhance the garbage collector to periodically refresh the resources it
monitors (via discovery) to enable custom resource definition GC.

This implementation caches Unstructured structs for any kinds not
covered by a shared informer. The existing meta-only codec only supports
compiled types; an improved codec which supports arbitrary types could
be introduced to optimize caching to store only metadata for all
non-informer types.
 2017-07-28 10:00:10 -04:00
Avesh Agarwal
b6b26ae9c0 Move ResourceQuota plugin at the end of the admission plugin chain. 2017-07-28 08:57:46 -04:00
Kubernetes Submit Queue
8f8b9fa971 Merge pull request #47267 from fabianofranz/kubectl_plugins_v1_part3 
Automatic merge from submit-queue (batch tested with PRs 49619, 49598, 47267, 49597, 49638)

Flag support in kubectl plugins

Adds support to flags in `kubectl` plugins. Flags are declared in the plugin descriptor and are passed to plugins through env vars, similar to global flags (which already works).

Fixes https://github.com/kubernetes/kubernetes/issues/49122

**Release note**:

```release-note
Added flag support to kubectl plugins
```
PTAL @monopole @kubernetes/sig-cli-pr-reviews
 2017-07-28 05:08:05 -07:00
Kubernetes Submit Queue
85f19ec6e9 Merge pull request #47738 from php-coder/code_simplification 
Automatic merge from submit-queue (batch tested with PRs 47738, 49196, 48907, 48533, 48822)

ParseEncryptionConfiguration: simplify code

**What this PR does / why we need it**:
Reorder `if`-s to make code a bit more readable. It also improves godoc comment and error message.

**Release note**:
```release-note
NONE
```

PTAL @sakshamsharma
 2017-07-28 03:10:29 -07:00
Maciej Borsz
7822b5d9fd Add a support for GKE regional clusters in e2e tests. 2017-07-28 11:42:54 +02:00
dhilipkumars
f9d5abb75e Remove blank lines-review comments 2017-07-28 14:21:20 +05:30
Mike Danese
fe7ba9e748 kubeadm: use kubelet bootstrap instead of reimplementing 2017-07-27 09:21:24 -07:00
dhilipkumars
43a2999581 Display list of failed tests to the user 2017-07-27 19:10:17 +05:30
Kubernetes Submit Queue
d4897e875b Merge pull request #47160 from shashidharatd/fed-internalclientset 
Automatic merge from submit-queue (batch tested with PRs 46913, 48910, 48858, 47160)

federation: Stop using and remove federation internalclientset

**What this PR does / why we need it**:
This probably a left over job. We should not be using the internal clientset and instead be using versioned ones as described in #29934

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

```release-note
NONE
```

/assign @nikhiljindal 
/cc @kubernetes/sig-federation-misc
 2017-07-25 23:00:38 -07:00
Kubernetes Submit Queue
76b4eab553 Merge pull request #48910 from mtaufen/test-fixit-node-dir 
Automatic merge from submit-queue (batch tested with PRs 46913, 48910, 48858, 47160)

move sig-node related e2e tests to node subdir

I need help making sure I picked the right ones and/or didn't miss anything.
Potential additions include: `logging_soak.go`, `ssh.go`, `kubelet_perf.go`.

/cc @dchen1107 @vishh @tallclair @yujuhong @Random-Liu @abgworrall @dashpole @yguo0905
 2017-07-25 23:00:31 -07:00
Kubernetes Submit Queue
f9f43143a4 Merge pull request #46193 from cblecker/staging-godeps-dockerized 
Automatic merge from submit-queue (batch tested with PRs 43443, 46193, 49071, 47252)

Run the update-staging-godeps script inside a docker container

**What this PR does / why we need it**:
This PR moves the update-staging-godeps script to run inside a docker container.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #45757 

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```

/assign @ixdy @sttts
 2017-07-25 21:52:48 -07:00
Kubernetes Submit Queue
66a1ae38ea Merge pull request #43443 from irfanurrehman/kubefed-doc-1 
Automatic merge from submit-queue (batch tested with PRs 43443, 46193, 49071, 47252)

[Federation][Kubefed] Support reference document autogeneration for kubefed

This PR is needed to address the documentation issue https://github.com/kubernetes/kubernetes.github.io/issues/2888

Apart from the code auto generation have updated some descriptions for consistency.

**Special notes for your reviewer**:
@kubernetes/sig-federation-misc 
cc @madhusudancs @csbell  

**Release note**:

```NONE
```
 2017-07-25 21:52:45 -07:00
shashidharatd
1a93c46197 Stop generating federation internal clientset 2017-07-26 06:20:08 +05:30
Michael Taufen
3c5b050da6 move sig-node related e2e tests to node subdir 2017-07-25 15:22:43 -07:00
Christoph Blecker
2ee8983daf
Dockerize update-staging-godeps 2017-07-25 12:26:57 -07:00
Kubernetes Submit Queue
427dfd5ce1 Merge pull request #49430 from dims/set-external-hostname-in-local-up-cluster 
Automatic merge from submit-queue (batch tested with PRs 48976, 49474, 40050, 49426, 49430)

Set external hostname in local-up-cluster

**What this PR does / why we need it**:

If we set --external-hostname, then the api server does not look
in the CloudProviderOptions.DefaultExternalHost method. While we
are at it, let's log an info message, so if there is a failure
the operator gets a hint that they can use --external-hostname
to bypass the lookup in the cloud provider. This will enable us
to set the CLOUD_PROVIDER to openstack for example and not have to
really run api server inside a openstack vm.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-07-25 12:14:48 -07:00
Kubernetes Submit Queue
2189314895 Merge pull request #40050 from mtaufen/standalone-mode 
Automatic merge from submit-queue (batch tested with PRs 48976, 49474, 40050, 49426, 49430)

Use presence of kubeconfig file to toggle standalone mode

Fixes #40049 

```release-note
The deprecated --api-servers flag has been removed. Use --kubeconfig to provide API server connection information instead. The --require-kubeconfig flag is now deprecated. The default kubeconfig path is also deprecated. Both --require-kubeconfig and the default kubeconfig path will be removed in Kubernetes v1.10.0.
```

/cc @kubernetes/sig-cluster-lifecycle-misc @kubernetes/sig-node-misc
 2017-07-25 12:14:43 -07:00
Christoph Blecker
a4d838edb2
Log times to restore godeps 2017-07-25 12:11:07 -07:00
Christoph Blecker
26491cef81
Simplify output of ensure_godep_version 2017-07-25 12:11:06 -07:00
Christoph Blecker
499d6da965
Bump required golang version to 1.8 2017-07-25 12:11:03 -07:00
Kubernetes Submit Queue
393b1228c9 Merge pull request #45431 from DirectXMan12/feature/fake-dynamic-client 
Automatic merge from submit-queue (batch tested with PRs 48224, 45431, 45946, 48775, 49396)

[client-go] Fake Dynamic Client

This commit converts `"k8s.io/client-go/dynamic".Client` to an interface, and implements fake versions of both `ClientPool` and `Client`.  This allows components which make uses of these clients to be tested in the same way that clientset-based components can be tested, using the standard `testing.Fake` machinery.

**Release note**:
```release-note
NONE
```
 2017-07-25 11:06:49 -07:00
Aaron Crickenberger
7e63bf5e07 Add sig-testing OWNERS_ALIASES 
follow the sig-foo-{reviewers,approvers} convention
- rename test-infra-maintainers to sig-testing-approvers
- copy sig-testing-approvers to sig-testing-reviewers
- remove inviduals in test/OWNERS in favor of new aliases

as a result
- rmmh gets test/ approver privileges
- spiffxp gets hack/jenkins/ approver privileges
 2017-07-25 11:05:18 -07:00
Kubernetes Submit Queue
9bdf464bd5 Merge pull request #49286 from kargakis/remote-myself-from-some-places 
Automatic merge from submit-queue (batch tested with PRs 49286, 49550)

Remove myself from a bunch of places

I am assigned in reviews which I never get to do. I prefer drive-bys whenever I can do them rather than the bot choosing myself in random, ends up being mere spam.

@smarterclayton please approve.
 2017-07-25 06:41:08 -07:00
Kubernetes Submit Queue
db7a47fe75 Merge pull request #49479 from sttts/sttts-no-staging-in-gopath 
Automatic merge from submit-queue (batch tested with PRs 49479, 49496)

hack/update-staging-godep.sh: check for staging repos in GOPATH
 2017-07-25 01:41:28 -07:00
Kubernetes Submit Queue
7f1d9382ec Merge pull request #48846 from dashpole/remove_ood 
Automatic merge from submit-queue

Remove flags low-diskspace-threshold-mb and outofdisk-transition-frequency

issue: #48843

This removes two flags replaced by the eviction manager.  These have been depreciated for two releases, which I believe correctly follows the kubernetes depreciation guidelines.

```release-note
Remove depreciated flags: --low-diskspace-threshold-mb and --outofdisk-transition-frequency, which are replaced by --eviction-hard
```

cc @mtaufen since I am changing kubelet flags
cc @vishh @derekwaynecarr 
/sig node
 2017-07-24 23:05:50 -07:00
Kubernetes Submit Queue
97eed3f71a Merge pull request #48911 from verult/StorageTests 
Automatic merge from submit-queue

Added sig-storage labels to upgrade tests and moved them to appropriate directory

**What this PR does / why we need it**: Adding necessary sig identifier for storage upgrade tests.

/release-note-none
 2017-07-24 20:26:59 -07:00
Kubernetes Submit Queue
633079eb01 Merge pull request #47864 from droot/podpreset-conflict-fix 
Automatic merge from submit-queue (batch tested with PRs 49444, 47864, 48584, 49395, 49118)

fixed conflict resolution behavior while apply podpresets

**What this PR does / why we need it**:
This fixes the PodPreset application behavior in case of conflicts occur during the merging of Pod's information with PodPreset's. More details are in issue #47861 

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
fixes #47861

**Special notes for your reviewer**:
We are splitting the PodPreset application logic in two phases. In first phase, we try to detect the conflicts in information merging without modifying the Pod at all. If conflict occurs, then we reject the PodPresets injection. Incase of no conflicts, we apply the PodPresets and merge the information.

**Release note**:

```release-note
PodPreset is not injected if conflict occurs while applying PodPresets to a Pod.
```
 2017-07-24 13:52:34 -07:00
Cheng Xing
ffd48f6311 Added sig-storage labels to upgrade tests and moved them to appropriate directory 2017-07-24 13:23:43 -07:00
Solly Ross
3e6bf24e08 [client-go] Add fake dynamic Client/ClientPool 
This introduces fake implementations of dynamic.Client and
dynamic.ClientPool.  They function similarly to the fake generated
clientsets, since they're also based in testing.Fake.
 2017-07-24 15:21:02 -04:00
Michael Taufen
38aee0464d Providing kubeconfig file is now the switch for standalone mode 
Replaces use of --api-servers with --kubeconfig in Kubelet args across
the turnup scripts. In many cases this involves generating a kubeconfig
file for the Kubelet and placing it in the correct location on the node.
 2017-07-24 11:03:00 -07:00
Davanum Srinivas
f4011d485a Set external hostname in local-up-cluster 
If we set --external-hostname, then the api server does not look
in the CloudProviderOptions.DefaultExternalHost method. While we
are at it, let's log an info message, so if there is a failure
the operator gets a hint that they can use --external-hostname
to bypass the lookup in the cloud provider. This will enable us
to set the CLOUD_PROVIDER to openstack for example and not have to
really run api server inside a openstack vm.
 2017-07-24 07:58:46 -04:00
Kubernetes Submit Queue
6fdf0e4157 Merge pull request #49247 from cblecker/fix-staging-godeps-master 
Automatic merge from submit-queue

Fix staging godeps for k8s.io/metrics and k8s.io/kube-gen

**What this PR does / why we need it**:
#49095 introduced an issue with the formatting of the k8s.io/metrics staging godeps. This fixes that issue, and alters the script to prevent it from happening again.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-07-24 01:47:37 -07:00
Dr. Stefan Schimanski
263b918541 hack/update-staging-godep.sh: check for staging repos in GOPATH 2017-07-24 10:44:42 +02:00
Bowei Du
92a8c1fcb0 Moves networking e2e tests to test/e2e/network 
This also adds sig-network-{approvers,reviewers} alias
 2017-07-22 09:43:42 -07:00
Michail Kargakis
5e93ed27bd
Rename test dir to allude sig-apps ownership 
Signed-off-by: Michail Kargakis <mkargaki@redhat.com>
 2017-07-22 12:43:36 +02:00
Kubernetes Submit Queue
a79e6b183d Merge pull request #49346 from caesarxuchao/generate-to-client-go 
Automatic merge from submit-queue (batch tested with PRs 49326, 49394, 49346, 49379, 49399)

Make client-go authoritative

client-go now is authoritative except for `client-go/pkg/version`, which I think we can leave as is for a while.
 2017-07-21 23:23:35 -07:00
Christoph Blecker
6ad4544778
Use absolute path when updating staging godeps 2017-07-21 18:29:02 -07:00
Kubernetes Submit Queue
22cc294364 Merge pull request #46598 from xiangpengzhao/fix-kubectl-version 
Automatic merge from submit-queue (batch tested with PRs 46210, 48607, 46874, 46598, 49240)

Make "kubectl version" json format output more readable.

**What this PR does / why we need it**:
##39858 adds a flag --output to `kubectl version`, but the json format output is displayed in one line. It's not so readable. This PR fixes it.

and

- adds a shorthand for `output`
- ~~refactors that: if `--short` is specified, `--output` will be ignored~~

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #43750

**Special notes for your reviewer**:
/cc @php-coder @alejandroEsc 

**Release note**:

```release-note
NONE
```
 2017-07-21 17:00:21 -07:00
Chao Xu
44f0188fe7 generated innocuous change 2017-07-21 14:29:59 -07:00
Chao Xu
4bc9195616 remove update-staging-client-go.sh. Note that client-go/pkg/version is copied from kubernetes 2017-07-21 13:35:23 -07:00
Sunil Arora
4d5b96f94e fixed conflict resolution behavior while apply podpresets 2017-07-21 13:19:57 -07:00
Chao Xu
a87ed3871d generate clientset, external listers, and external informers to client-go directly 2017-07-21 13:13:35 -07:00
Kubernetes Submit Queue
ae1ff1a2d4 Merge pull request #48746 from janetkuo/apps-v1beta2 
Automatic merge from submit-queue

Add a new API version apps/v1beta2

xref: #49135
This PR adds a new API version `apps/v1beta2` which contains a copy (of types, conversions, and defaults) of `apps/v1beta1` StatefulSet, Deployment, and their subresources. Note that `apps/v1beta2` is still WIP and we will make breaking changes to it before releasing 1.8.

Moving core controllers (StatefulSet, Deployment, ReplicaSet, DaemonSet) to `apps/v1beta2` is the first step of moving them to `apps/v1` (GA). 

This PR is a starting point for DaemonSet and ReplicaSet to move from `/extensions` to `/apps` and for Deployment and StatefulSet to make some breaking changes (e.g. new defaults and/or remove deprecated fields).

```release-note
Add a new API version apps/v1beta2
```
 2017-07-21 11:47:21 -07:00
Kubernetes Submit Queue
ab6f1f0da1 Merge pull request #48708 from bmwiedemann/date 
Automatic merge from submit-queue (batch tested with PRs 49222, 49333, 48708, 49337)

Allow to override build date

See https://reproducible-builds.org/ for why this is good
and https://reproducible-builds.org/specs/source-date-epoch/
for the definition of this variable.

Background: issue #48710
when trying to build the kubernetes package
for the openSUSE Linux distribution
```
/usr/bin/hyperkube
/usr/bin/kubeadm
/usr/src/kubernetes/platforms/linux/amd64/e2e.test
```
had a date+time string embedded in them in the format
2018-08-15T19:08:34Z

which meant that each build produced new binaries
even when nothing actually changed.
Those then had to be synced to mirrors, wasting their and our users' bandwidth.
 2017-07-20 23:01:21 -07:00
Kubernetes Submit Queue
fcd4bdd7b0 Merge pull request #49252 from caesarxuchao/vendor-staging-import-check 
Automatic merge from submit-queue

Do not allow vendor code to import staging code

Otherwise we cannot update the imported staging code.
 2017-07-20 21:56:59 -07:00
Kubernetes Submit Queue
74ce80f588 Merge pull request #49323 from mtanino/issue/49319 
Automatic merge from submit-queue (batch tested with PRs 49316, 46117, 49064, 48073, 49323)

Enable RBAC by default in hack/local-up-cluster.sh

**What this PR does / why we need it**:

Since hack/local-up-cluster.sh checks https API port after commit 413ab26df9, RBAC should be enabled by default to avoid TLS port access denied.




**Which issue this PR fixes** : Fixes #49319

**Special notes for your reviewer**:

@liggitt 

**Release note**:

```release-note
hack/local-up-cluster.sh now enables RBAC authorization by default
```
 2017-07-20 17:02:54 -07:00
Kubernetes Submit Queue
29f8ff32c2 Merge pull request #48073 from wanghaoran1988/e2e_bootstrap 
Automatic merge from submit-queue (batch tested with PRs 49316, 46117, 49064, 48073, 49323)

add e2e tests for the bootstrapsigner and tokencleaner controllers, integration testing for bootstrap token auth

**What this PR does / why we need it**:
Add e2e test for bootstrap signer

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:
```
None
```
 2017-07-20 17:02:52 -07:00
Chao Xu
d6adc37a0a Do not allow vendored code to import staging code 2017-07-20 15:30:06 -07:00
Kubernetes Submit Queue
feed4aa12a Merge pull request #49234 from mengqiy/master 
Automatic merge from submit-queue (batch tested with PRs 49107, 47177, 49234, 49224, 49227)

Move util/exec to vendor

Move util/exec to vendor.
Update import paths.
Update godep

Part of #48209

Associate PR against `k8s.io/utils` repo: https://github.com/kubernetes/utils/pull/5

```release-note
NONE
```

/assign @apelisse
 2017-07-20 15:08:22 -07:00
Janet Kuo
f6c5392de6 Fix golint failures by skipping auto-generated codes 2017-07-20 14:16:42 -07:00
David Ashpole
7a23f8b018 remove deprecated flags LowDiskSpaceThresholdMB and OutOfDiskTransitionFrequency 2017-07-20 13:23:13 -07:00
Kubernetes Submit Queue
d9bf88ceeb Merge pull request #49229 from shyamjvs/remove-old-logdump 
Automatic merge from submit-queue

Remove old log-dump.sh script

Ref https://github.com/kubernetes/kubernetes/issues/48513

Since we moved to new kubetest image which no longer needs the old one - https://github.com/kubernetes/test-infra/pull/3585

/cc @wojtek-t @fejta
 2017-07-20 12:55:44 -07:00
mtanino
f1351e34e7 Enable RBAC by default in hack/local-up-cluster.sh 
Since hack/local-up-cluster.sh checks https API port
after commit 413ab26df9,
RBAC should be enabled by default to avoid TLS port
access denied.

Fixes #49319
 2017-07-20 15:05:26 -04:00
ymqytw
aa557c1028 fix golint 2017-07-20 11:03:50 -07:00
Janet Kuo
767082e8e9 Add new API version apps/v1beta2 
Add a new API version apps/v1beta2 and enable it by default.
apps/v1beta2 has a copy of apps/v1beta1 types, except for
ControllerRevision.
 2017-07-20 10:25:21 -07:00
Kubernetes Submit Queue
e1a2cf0178 Merge pull request #49216 from sttts/sttts-fix-ugorji-staging-tsort 
Automatic merge from submit-queue

update-codecgen.sh: support staging dirs in tsort logic

Fixes #48984.
 2017-07-20 09:07:55 -07:00
Kubernetes Submit Queue
6a3a570f50 Merge pull request #49276 from CaoShuFeng/audit_doc_trival 
Automatic merge from submit-queue

[trival] fix typo

reopen https://github.com/kubernetes/kubernetes/pull/47300

**Release note**:

```
NONE
```
 2017-07-20 08:13:06 -07:00
Dr. Stefan Schimanski
3a18959288 update-codecgen.sh: add staging dir support to tsort logic 2017-07-20 16:38:36 +02:00
Haoran Wang
f02008338f add integration testing for bootstrap token auth 2017-07-20 22:34:21 +08:00
Kubernetes Submit Queue
5529d01a22 Merge pull request #48810 from sttts/sttts-fuzzer-cleanup 
Automatic merge from submit-queue (batch tested with PRs 49114, 48810)

Unify fuzzers and roundtrip tests

- reorganize apimachinery/pkg/api/testing package to avoid circular imports
- make fuzzers modular per apigroup
- add roundtrip test for meta types
- add roundtrip test for a couple of staging apigroups

Follow-up:

- split `pkg/api` tests by apigroup
 2017-07-20 07:20:40 -07:00
Slava Semushin
bf51722ffb ParseEncryptionConfiguration: simplify code. 
Also improves function name in godoc and many error messages.
 2017-07-20 14:36:21 +02:00
Cao Shufeng
6c7aef07cb fix typo 2017-07-20 18:39:33 +08:00
Dr. Stefan Schimanski
ecc811d263 Unify fuzzers and roundtrip tests 2017-07-20 12:31:00 +02:00
Michail Kargakis
e884eac6fe
Remove myself from a bunch of places 
Signed-off-by: Michail Kargakis <mkargaki@redhat.com>
 2017-07-20 12:10:46 +02:00
Dr. Stefan Schimanski
70947fa3a2 Make staging hack/update-codec.sh scripts relocatable and kube independent 2017-07-20 07:41:37 +02:00
Dr. Stefan Schimanski
edfbb9aa64 Fixup go2idl references 2017-07-20 07:41:37 +02:00
Kubernetes Submit Queue
9e5eb70d55 Merge pull request #46862 from dims/respect-build-platform-env-var 
Automatic merge from submit-queue (batch tested with PRs 49083, 45540, 46862)

Respect KUBE_BUILD_PLATFORMS set by user

**What this PR does / why we need it**:

Currently the only(?) toggle available for custom arch builds is
KUBE_FASTBUILD. We should allow the user to specify a list
of arch(es) in the environment variable KUBE_BUILD_PLATFORMS.

Example:
KUBE_BUILD_PLATFORMS="linux/amd64 linux/arm64" hack/build-cross.sh

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

Fixes #20365

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-07-19 21:18:27 -07:00
Kubernetes Submit Queue
5a3cc4fab6 Merge pull request #49083 from sakeven/fix/golang_version_check 
Automatic merge from submit-queue (batch tested with PRs 49083, 45540, 46862)

update golang version to go1.8

Signed-off-by: sakeven <jc5930@sina.cn>



**What this PR does / why we need it**:

There are some code breaking the compatibility with golang 1.6. Now kubernetes only support golang 1.8.
We need to update golang version check script.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #49082

**Special notes for your reviewer**:

**Release note**:

```
NONE
```
 2017-07-19 21:18:23 -07:00
Kubernetes Submit Queue
f14472ffdd Merge pull request #49144 from mikedanese/sig-lifecycle-tests 
Automatic merge from submit-queue (batch tested with PRs 48377, 48940, 49144, 49062, 49148)

fixit: break sig-cluster-lifecycle tests into subpackage

this is part of fixit week. ref #49161

@kubernetes/sig-cluster-lifecycle-misc
 2017-07-19 19:10:14 -07:00
Kubernetes Submit Queue
8d26afa8a6 Merge pull request #48377 from bsalamat/priority_class 
Automatic merge from submit-queue

Add PriorityClass API object under new "scheduling" API group

**What this PR does / why we need it**: This PR is a part of a series of PRs to add pod priority to Kubernetes. This PR adds a new API group called "scheduling" with a new API object called "PriorityClass". PriorityClass maps the string value of priority to its integer value.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**: Given the size of this PR, I will add the admission controller for the PriorityClass in a separate PR.

**Release note**:

```release-note
Add PriorityClass API object under new "scheduling" API group
```

ref/ #47604
ref/ #48646
 2017-07-19 19:04:29 -07:00
Davanum Srinivas
476e816107 Respect KUBE_BUILD_PLATFORMS set by user 
Currently the only(?) toggle available for custom arch builds is
KUBE_FASTBUILD. We should allow the user to specify a list
of arch(es) in the environment variable KUBE_BUILD_PLATFORMS.

Example:
KUBE_BUILD_PLATFORMS="linux/amd64 linux/arm64" hack/build-cross.sh

Fixes #20365
 2017-07-19 20:00:39 -04:00
Kubernetes Submit Queue
3fb2d8248d Merge pull request #48964 from ixdy/switch-to-kazel 
Automatic merge from submit-queue

Switch from gazel to kazel

**What this PR does / why we need it**: switches to `kazel`, where all new development will be focused. Part of the effort for switching from `gazel` to `gazelle`.

I'm imagining that we'll use `kube::util::go_install_from_commit` to version `gazelle` as well.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: x-ref #47558

**Release note**:

```release-note
NONE
```

/release-note-none
/assign @mikedanese @spxtr
 2017-07-19 13:31:24 -07:00
Shyam Jeedigunta
d2bf533938 Remove deprecated cluster/log-dump.sh 2017-07-19 21:50:09 +02:00
Kubernetes Submit Queue
b78fc209a4 Merge pull request #49045 from ericchiang/remove-anytoken-authenticator-option 
Automatic merge from submit-queue (batch tested with PRs 49058, 49072, 49137, 49182, 49045)

*: remove --insecure-allow-any-token option

~Since the authenticator is still used in e2e tests, don't remove
the actual package. Maybe a follow up?~

edit: e2e and integration tests have been switched over to the tokenfile
authenticator instead.

```release-note
The --insecure-allow-any-token flag has been removed from kube-apiserver. Users of the flag should use impersonation headers instead for debugging.
```

closes #49031

cc @kubernetes/sig-auth-pr-reviews
 2017-07-19 10:27:29 -07:00
Kubernetes Submit Queue
92d310eddc Merge pull request #49072 from xilabao/wait-rbac-in-local-cluster 
Automatic merge from submit-queue (batch tested with PRs 49058, 49072, 49137, 49182, 49045)

use https to check healthz in hack/local-up-cluster.sh

**What this PR does / why we need it**:
```
# PSP_ADMISSION=true ALLOW_PRIVILEGED=true ALLOW_SECURITY_CONTEXT=true ALLOW_ANY_TOKEN=true ENABLE_RBAC=true RUNTIME_CONFIG="extensions/v1beta1=true,extensions/v1beta1/podsecuritypolicy=true" hack/local-up-cluster.sh
...
Waiting for apiserver to come up
+++ [0718 09:34:38] On try 5, apiserver: : 
Cluster "local-up-cluster" set.
use 'kubectl --kubeconfig=/var/run/kubernetes/admin-kube-aggregator.kubeconfig' to use the aggregated API server
Creating kube-system namespace
clusterrolebinding "system:kube-dns" created
serviceaccount "kube-dns" created
configmap "kube-dns" created
error: unable to recognize "kubedns-deployment.yaml": no matches for extensions/, Kind=Deployment
service "kube-dns" created
Kube-dns deployment and service successfully deployed.
kubelet ( 10952 ) is running.
Create podsecuritypolicy policies for RBAC.
unable to recognize "/home/nfs/mygo/src/k8s.io/kubernetes/examples/podsecuritypolicy/rbac/policies.yaml": no matches for extensions/, Kind=PodSecurityPolicy
unable to recognize "/home/nfs/mygo/src/k8s.io/kubernetes/examples/podsecuritypolicy/rbac/policies.yaml": no matches for extensions/, Kind=PodSecurityPolicy
unable to recognize "/home/nfs/mygo/src/k8s.io/kubernetes/examples/podsecuritypolicy/rbac/roles.yaml": no matches for rbac.authorization.k8s.io/, Kind=ClusterRole
unable to recognize "/home/nfs/mygo/src/k8s.io/kubernetes/examples/podsecuritypolicy/rbac/roles.yaml": no matches for rbac.authorization.k8s.io/, Kind=ClusterRole
unable to recognize "/home/nfs/mygo/src/k8s.io/kubernetes/examples/podsecuritypolicy/rbac/bindings.yaml": no matches for rbac.authorization.k8s.io/, Kind=ClusterRoleBinding
unable to recognize "/home/nfs/mygo/src/k8s.io/kubernetes/examples/podsecuritypolicy/rbac/bindings.yaml": no matches for rbac.authorization.k8s.io/, Kind=ClusterRoleBinding
unable to recognize "/home/nfs/mygo/src/k8s.io/kubernetes/examples/podsecuritypolicy/rbac/bindings.yaml": no matches for rbac.authorization.k8s.io/, Kind=ClusterRoleBinding
Create default storage class for 
error: unable to recognize "/home/nfs/mygo/src/k8s.io/kubernetes/cluster/addons/storage-class/local/default.yaml": no matches for storage.k8s.io/, Kind=StorageClass
Local Kubernetes cluster is running. Press Ctrl-C to shut it down.

Logs:
  /tmp/kube-apiserver.log
  /tmp/kube-controller-manager.log
  /tmp/kube-proxy.log
  /tmp/kube-scheduler.log
  /tmp/kubelet.log
...
```

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #47739

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-07-19 10:27:23 -07:00
Mike Danese
3c39173ee4 fixit: break sig-cluster-lifecycle tests into subpackage 2017-07-19 10:14:51 -07:00
Kubernetes Submit Queue
6af05149aa Merge pull request #49058 from shyamjvs/logexporter-support 
Automatic merge from submit-queue

Pass logexporter config through e2e framework

Ref https://github.com/kubernetes/kubernetes/issues/48513

/cc @wojtek-t @fejta
 2017-07-19 09:57:47 -07:00
Kubernetes Submit Queue
2e6e314ade Merge pull request #49091 from sttts/sttts-metrics-imports 
Automatic merge from submit-queue

k8s.io/metrics: restrict k8s.io/metrics imports
 2017-07-19 06:11:39 -07:00
Bernhard M. Wiedemann
cd0e7b9e17 Allow to override build date 
See https://reproducible-builds.org/ for why this is good
and https://reproducible-builds.org/specs/source-date-epoch/
for the definition of this variable.
 2017-07-19 13:27:13 +02:00
Kubernetes Submit Queue
c0be1671f2 Merge pull request #49095 from sttts/sttts-metrics-godeps 
Automatic merge from submit-queue (batch tested with PRs 49116, 49095)

update-staging-godeps: do not exclude k8s.io/metrics

Counterpart to https://github.com/kubernetes/test-infra/pull/3560
 2017-07-19 03:21:27 -07:00
Kubernetes Submit Queue
36ade22a5a Merge pull request #49116 from sttts/sttts-authorative-api-v1-ref 
Automatic merge from submit-queue (batch tested with PRs 49116, 49095)

Move pkg/api/v1/ref -> client-go/tools/reference

`pkg/api/v1/ref` is the only remaining package copied from pkg/api/v1 to client-go via staging/copy.sh.
 2017-07-19 03:21:25 -07:00
Kubernetes Submit Queue
164cae1151 Merge pull request #46755 from CaoShuFeng/cani-test-cmd 
Automatic merge from submit-queue (batch tested with PRs 49120, 46755, 49157, 49165, 48950)

add cmd test for kubectl auth can-i

**Release note**:

```
NONE
```
 2017-07-19 00:06:23 -07:00
Kubernetes Submit Queue
ccaaf5cad5 Merge pull request #48232 from caesarxuchao/move-admission-v1alph1 
Automatic merge from submit-queue (batch tested with PRs 48702, 48965, 48740, 48974, 48232)

Move admission/v1alpha1 to k8s.io/api

Fix https://github.com/kubernetes/kubernetes/issues/47972
 2017-07-18 20:06:21 -07:00
Kubernetes Submit Queue
fc1d2b3be7 Merge pull request #48256 from xiangpengzhao/move-pkg-util 
Automatic merge from submit-queue (batch tested with PRs 48481, 48256)

Refactor: pkg/util into sub-pkgs

**What this PR does / why we need it**:
- move code in pkg/util into sub-pkgs
- delete some unused funcs

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #15634

**Special notes for your reviewer**:
This is the final work of #15634. It will close that issue.
/cc @thockin 

**Release note**:

```release-note
NONE
```
 2017-07-18 18:19:19 -07:00
Bobby Salamat
33e6a476ba Add PriorityClass API 
Add PriorityClass to pkg/registry

Add PriorityClass to pkg/master/master.go

Add PriorityClass to import_know_versions.go

Update linted packages

minor fix
 2017-07-18 17:47:57 -07:00
Eric Chiang
e2f2ab67f2 *: remove --insecure-allow-any-token option 
e2e and integration tests have been switched over to the tokenfile
authenticator instead.

```release-note
The --insecure-allow-any-token flag has been removed from kube-apiserver. Users of the flag should use impersonation headers instead for debugging.
```
 2017-07-18 16:03:15 -07:00
Chao Xu
590793f9a7 generated 2017-07-18 15:20:05 -07:00
Shyam Jeedigunta
5cdedd22cf Pass logexporter config through e2e framework 2017-07-18 23:28:06 +02:00
Dr. Stefan Schimanski
5925a0a1df Move pkg/api/v1/ref -> client-go/tools/reference 2017-07-18 22:45:43 +02:00
Jeff Grafton
64b0c9ec47 Switch from gazel to kazel, and move kazelcfg into build/root 2017-07-18 12:48:51 -07:00
Jeff Grafton
9ac0950166 Add utility function to install go package at a particular commit 2017-07-18 12:48:02 -07:00
Fabiano Franz
71cbad7cbb Flag support in kubectl plugins 2017-07-18 15:35:40 -03:00
Dr. Stefan Schimanski
1d1ec2c016 update-staging-godeps: do not exclude k8s.io/metrics 2017-07-18 10:22:54 +02:00
Dr. Stefan Schimanski
4677b1776e k8s.io/metrics: restrict k8s.io/metrics imports 2017-07-18 10:11:45 +02:00
Dr. Stefan Schimanski
78ce38b926 deepcopy: run deepcopy-gen in client-go 2017-07-18 09:28:48 +02:00
Dr. Stefan Schimanski
39d95b9b06 deepcopy: add interface deepcopy funcs 
- add DeepCopyObject() to runtime.Object interface
- add DeepCopyObject() via deepcopy-gen
- add DeepCopyObject() manually
- add DeepCopySelector() to selector interfaces
- add custom DeepCopy func for TableRow.Cells
 2017-07-18 09:28:47 +02:00
xiangpengzhao
01daf707c5 Refactor: pkg/util into sub-pkgs 2017-07-18 14:34:08 +08:00
sakeven
e6d2d726ed update golang version to go1.8 
Signed-off-by: sakeven <jc5930@sina.cn>
 2017-07-18 14:11:28 +08:00
Kubernetes Submit Queue
0d88afa131 Merge pull request #48102 from liggitt/optional-doc-generation 
Automatic merge from submit-queue (batch tested with PRs 49043, 49001, 49057, 49066, 48102)

Make doc generation on cherry-picks optional

Follow up of https://github.com/kubernetes/kubernetes/pull/46993, xref #44533

Most cherry-picks don't require doc changes, and doing it unconditionally actually breaks picking to the release-1.6 branch
 2017-07-17 22:21:23 -07:00
Kubernetes Submit Queue
6507a94d8e Merge pull request #49001 from fejta/ginkgo 
Automatic merge from submit-queue (batch tested with PRs 49043, 49001, 49057, 49066, 48102)

Explicitly set --cluster-ip-range --clean-start --minStartupPods

ref https://github.com/kubernetes/test-infra/pull/3535 https://github.com/kubernetes/test-infra/pull/3375

Also remove unused `GINKGO_PARALLELISM`

/assign @krzyzacy @ixdy
 2017-07-17 22:21:15 -07:00
Kubernetes Submit Queue
c8fb186391 Merge pull request #49043 from zmerlynn/allow-external-node-instance-group 
Automatic merge from submit-queue (batch tested with PRs 49043, 49001, 49057, 49066, 48102)

cluster/gke: If NODE_INSTANCE_GROUP is set, don't execute any bash

Transitional part of kubernetes/test-infra#3307, should be eliminated by kubernetes/test-infra#3330: 
Allow NODE_INSTANCE_GROUP to be set externally from `hack/ginkgo-e2e.sh`, which eliminates any cluster/gke use if KUBERNETES_CONFORMANCE_PROVIDER is set to `gke`.

```release-note
NONE
```
 2017-07-17 22:21:13 -07:00
Chen Rong
413ab26df9 use https to check healthz in hack/local-up-cluster.sh 2017-07-18 12:17:47 +08:00
xiangpengzhao
a6be3b64f8 Make "kubectl version" json output more readable. 2017-07-18 11:21:35 +08:00
Joe Finney
ab5e285197 Invert .linted_packages into .golint_failures. 2017-07-17 14:37:40 -07:00
Zach Loafman
3a2e9d51bb cluster/gke: If NODE_INSTANCE_GROUP is set, don't execute any bash 
Transitional part of kubernetes/test-infra#3307, should be eliminated
by kubernetes/test-infra#3330: Allow NODE_INSTANCE_GROUP to be set
before we get here, which eliminates any cluster/gke use if
KUBERNETES_CONFORMANCE_PROVIDER is set to "gke".
 2017-07-17 14:26:10 -07:00
Kubernetes Submit Queue
8b39fa9cd1 Merge pull request #48494 from mkumatag/webserver 
Automatic merge from submit-queue (batch tested with PRs 48494, 48733)

Move test-webserver from contrib/for-demos to kubernetes/test/images

**What this PR does / why we need it**:
This PR is for
- Moving the https://github.com/kubernetes/contrib/tree/master/for-demos/test-webserver to kubernetes/test/images - Refer https://github.com/kubernetes/contrib/pull/2544 for more information
- Multi architecture support for test-webserver image

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
```
 2017-07-17 08:43:37 -07:00
Shiyang Wang
f1afc3d09d fix sort-by output problem 2017-07-17 10:26:34 +08:00
Erick Fejta
46bcc330b7 Explicitly set --cluster-ip-range --clean-start --minStartupPods 2017-07-16 18:18:43 -07:00
Kubernetes Submit Queue
8ce6378512 Merge pull request #46091 from xilabao/new-output-in-edit 
Automatic merge from submit-queue (batch tested with PRs 46091, 48280)

allow output patch string in edit command

**What this PR does / why we need it**:
allow user to get the patch from edit command if user is not familiar with the patch format.

```
# ./cluster/kubectl.sh create role a --verb=get,list --resource=no
role "a" created

# ./cluster/kubectl.sh edit role a --output-patch=true
Patch: {"rules":[{"apiGroups":[""],"resources":["nodes"],"verbs":["get","list","delete"]}]}
role "a" edited

# ./cluster/kubectl.sh create role b --verb=get,list --resource=no
role "b" created

# ./cluster/kubectl.sh patch role b -p '{"rules":[{"apiGroups":[""],"resources":["nodes"],"verbs":["get","list","delete"]}]}'
role "b" patched
```
**Which issue this PR fixes**: fixes #47173

**Special notes for your reviewer**:

**Release note**:

```release-note
Could get the patch from kubectl edit command
```
 2017-07-16 18:04:42 -07:00
Kubernetes Submit Queue
3448d2fa86 Merge pull request #48906 from caesarxuchao/fix-import-cycle 
Automatic merge from submit-queue (batch tested with PRs 44129, 48030, 48906)

Fix import cycle

Removed apimahcinery's dependency on k8s.io/api, introduced in https://github.com/kubernetes/kubernetes/pull/48497#discussion_r127312690.

Fixed hack/verify-staging-imports.sh to prevent future occurrences.
 2017-07-15 17:13:41 -07:00
Kubernetes Submit Queue
cab07f3af0 Merge pull request #46893 from yguo0905/image-spec 
Automatic merge from submit-queue (batch tested with PRs 48890, 46893, 48872, 48896)

Support customized system spec in the node conformance test and create the GKE system spec

ref: https://github.com/kubernetes/kubernetes/issues/46891

- System specs are located in `test/e2e_node/system/specs`. Created one for validating GKE images in `test/e2e_node/system/specs/gke.yaml`.
- `--image-spec-name` can be used to specify a system spec in node e2e and conformance tests. This option maps to `SYSTEM_SPEC_NAME` in a test properties file, which is the user facing configuration. So, users can specify `SYSTEM_SPEC_NAME=gke` to run the image validation using the GKE system spec.
- If `SYSTEM_SPEC_NAME` is unspecified, the default spec (`system.DefaultSysSpec`) will be used.
- We can also use `make test-e2e-node SYSTEM_SPEC_NAME=gke` to run tests using GKE image spec.

**Release note**:
`None`
 2017-07-14 16:49:52 -07:00
Kubernetes Submit Queue
048b0600f9 Merge pull request #48842 from enisoc/quick-verify 
Automatic merge from submit-queue

Add quick-verify make rule.

This is useful for humans to run to catch obvious problems before
pushing commits and waiting for CI to run verify checks.

Quick mode only runs a whitelist of verify scripts that are reasonably fast.
I set the initial bar arbitrarily at <10s each on my workstation.

The whole set runs in <30s for me, assuming I had already run `make` and
`hack/godep-restore.sh`. This is compared to the full `make verify`
which takes [I don't know how long because I gave up after 45min].
 2017-07-14 14:38:28 -07:00
Kubernetes Submit Queue
df47592d5a Merge pull request #48854 from colemickens/msi 
Automatic merge from submit-queue (batch tested with PRs 47066, 48892, 48933, 48854, 48894)

azure: msi: add managed identity field, logic

**What this PR does / why we need it**: Enables managed service identity support for the Azure cloudprovider. "Managed Service Identity" allows us to ask the Azure Compute infra to provision an identity for the VM. Users can then retrieve the identity and assign it RBAC permissions to talk to Azure ARM APIs for the purpose of the cloudprovider needs.

Per the commit text:
```
The azure cloudprovider will now use the Managed Service Identity
to retrieve access tokens for the Azure ARM APIs, rather than
requiring hard-coded, user-specified credentials.
```

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: n/a 

**Special notes for your reviewer**: none

**Release note**:

```release-note
azure: support retrieving access tokens via managed identity extension
```

cc: @brendandburns @jdumars @anhowe
 2017-07-14 12:50:55 -07:00
Kubernetes Submit Queue
9e97b5249b Merge pull request #46360 from khenidak/azure-pd-final 
Automatic merge from submit-queue

Azure PD (Managed/Blob)

This is exactly the same code as this [PR](https://github.com/kubernetes/kubernetes/pull/41950). It has a clean set of generated items. We created a separate PR to accelerate the accept/merge the PR

CC @colemickens 
CC @brendandburns 

**What this PR does / why we need it**:

1. Adds K8S support for Azure Managed Disks. 
2. Adds support for dedicated blob disks (1:1 to storage account) in addition to shared blob disks (n:1 to storage account). 
3. Automatically manages the underlying storage accounts. New storage accounts are created at 50% utilization. Max is 100 disks, 60 disks per storage account.    
2. Addresses the current issues with Blob Disks:
..* Significantly faster attach process. Disks are now usually available for pods on nodes under 30 sec if formatted, under a min if not formatted. 
..* Adds support to move disks between nodes.
..* Adds consistent attach/detach behavior, checks if the disk is leased/attached on a different node before attempting to attach to target nodes.
..* Fixes a random hang behavior on Azure VMs during mount/format (for both blob + managed disks).
..* Fixes a potential conflict by avoiding the use of disk names for mount paths. The new plugin uses hashed disk uri for mount path.  

The existing AzureDisk is used as is. Additional "kind" property was added  allowing the user to decide if the pd will be shared, dedicated or managed (Azure Managed Disks are used).

Due to the change in mounting paths, existing PDs need to be recreated as PV or PVCs on the new plugin.
 2017-07-14 09:57:51 -07:00
Yang Guo
22c9e23202 Supports customized system spec in the node conformance test and creates the GKE system spec 2017-07-14 09:39:19 -07:00
Kubernetes Submit Queue
ca0a868823 Merge pull request #48651 from shyamjvs/logexporter-supporter 
Automatic merge from submit-queue (batch tested with PRs 48864, 48651, 47703)

Enable logexporter mechanism to dump logs from k8s nodes to GCS directly

Ref https://github.com/kubernetes/kubernetes/issues/48513

This adds support for logexporter from k8s side. Next I'll send a PR adding support from test-infra side.

/cc @kubernetes/sig-scalability-misc @kubernetes/test-infra-maintainers @fejta @wojtek-t @gmarek
 2017-07-14 03:10:45 -07:00
Khaled Henidak & Andy Zhang
677e593d86 Add Azure managed disk support 2017-07-14 14:09:44 +08:00
Kubernetes Submit Queue
a14abaabab Merge pull request #48824 from yguo0905/docker-validation 
Automatic merge from submit-queue (batch tested with PRs 48082, 48815, 48901, 48824)

Add test image name to the OS image field of the perf metrics

I'd like to add the resource usage benchmarks for COS m60 (docker 1.13.1) but don't want to remove the existing m59 (docker 1.11.2) [ones](https://github.com/kubernetes/kubernetes/blob/master/test/e2e_node/jenkins/benchmark/benchmark-config.yaml#L51-L71), in order to compare the results between the two docker versions.

The `image` reported in the metrics is from `Node.Status.NodeInfo.OSImage`, which is always "Container-Optimized OS from Google" (from `/etc/os-releases`) for COS. So there's no way to differentiate two milestones in the metrics.

This PR attaches the [image name](https://github.com/kubernetes/kubernetes/blob/master/test/e2e_node/jenkins/benchmark/benchmark-config.yaml#L52) to the `image` field of the metrics. So it will become "Container-Optimized OS from Google (cos-stable-59-9460-64-0)".

See the results of the test run:

[performance-memory-containervm-resource1-resource_0.json](https://storage.googleapis.com/ygg-gke-dev-bucket/e2e-node-test/ci-kubernetes-node-kubelet-benchmark/13/artifacts/performance-memory-containervm-resource1-resource_0.json)
[performance-memory-coreos-resource1-resource_0.json](https://storage.googleapis.com/ygg-gke-dev-bucket/e2e-node-test/ci-kubernetes-node-kubelet-benchmark/13/artifacts/performance-memory-coreos-resource1-resource_0.json)
[performance-memory-gci-resource1-resource_0.json](https://storage.googleapis.com/ygg-gke-dev-bucket/e2e-node-test/ci-kubernetes-node-kubelet-benchmark/13/artifacts/performance-memory-gci-resource1-resource_0.json)

**Release note**:
```
None
```

Ref: https://github.com/kubernetes/kubernetes/issues/42926

/sig node
/area node-e2e
/assign @dchen1107
 2017-07-13 22:44:00 -07:00
Kubernetes Submit Queue
8ad1be7833 Merge pull request #44475 from freehan/checkpoint-test 
Automatic merge from submit-queue

add dockershim checkpoint node e2e test

Add a bunch of disruptive cases to test kubelet/dockershim's checkpoint work flow.

Some steps are quite hacky. Not sure if there is better ways to do things.
 2017-07-13 18:50:10 -07:00
Cole Mickens
cd177dcd11 add pkg/credentailprovider/azure to hack/.linted_packages 2017-07-13 14:29:11 -07:00
Chao Xu
40be152c95 update verify-staging-imports.sh 2017-07-13 13:01:35 -07:00
Anthony Yeh
db869a6b0b
Add quick-verify make rule. 
This is useful for humans to run to catch obvious problems before
pushing commits and waiting for CI to run verify checks.

Quick mode only runs a whitelist of verify scripts that are reasonably fast.
I set the initial bar arbitrarily at <10s each on my workstation.

The whole set runs in <30s for me, assuming I had already run `make` and
`hack/godep-restore.sh`. This is compared to the full `make verify`
which takes [I don't know how long because I gave up after 45min].
 2017-07-12 16:29:31 -07:00
Anthony Yeh
e3fed1ce6d
Allow verify-sh to run in SILENT mode. 
Because of nounset, it was impossible to run without -v.
 2017-07-12 15:02:52 -07:00
Yang Guo
b17c6a1769 Add test image name to the OS image field of the perf metrics 2017-07-12 14:51:45 -07:00
Kubernetes Submit Queue
77b6b126cb Merge pull request #48641 from smarterclayton/refactor_exec 
Automatic merge from submit-queue (batch tested with PRs 48594, 47042, 48801, 48641, 48243)

Prepare to introduce websockets for exec and portforward

Refactor the code in remotecommand to better represent the structure of
what is common between portforward and exec.

Ref #48633
 2017-07-12 14:08:10 -07:00
Kubernetes Submit Queue
50aa8e0f07 Merge pull request #48794 from gyliu513/remove-mesos-flags 
Automatic merge from submit-queue (batch tested with PRs 48279, 48566, 48319, 48794, 47952)

Removed mesos flags from known-flags.txt.

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
none
```
 2017-07-12 11:52:21 -07:00
Shyam Jeedigunta
5f8cb3d9ff Enable logexporter mechanism to dump logs from k8s nodes to GCS directly 2017-07-12 14:39:49 +02:00
Kubernetes Submit Queue
0e461035cb Merge pull request #48734 from tallclair/namechange 
Automatic merge from submit-queue (batch tested with PRs 48698, 48712, 48516, 48734, 48735)

Name change: s/timstclair/tallclair/

I changed my name, and I'm migrating my user name to be consistent.
 2017-07-12 04:56:32 -07:00
Kubernetes Submit Queue
1f1f9ef962 Merge pull request #48549 from maleck13/add-generated-clients 
Automatic merge from submit-queue (batch tested with PRs 47948, 48631, 48693, 48549, 47593)

add generated clients. modify codegen script 

**What this PR does / why we need it**:
Adds in the generated clientsets for the sample apiserver. Modifies the update-codgen script to copy over the client from the generated location. We need it in order to be able to add integrations and unit tests that make use of the clientsets and their fakes.

**Special notes for your reviewer**:
@deads2k  @p0lyn0mial  hopefully done the correct thing here. Not 100% sure on needing the copy but it seemed what was needed to get the import paths correct?

**Release note**:

```release-note
NONE
```
 2017-07-12 04:03:58 -07:00
Kubernetes Submit Queue
172df7e23d Merge pull request #46865 from sttts/sttts-kube-apiserver-run-test 
Automatic merge from submit-queue

kube-apiserver: tests for aggregation and CRDs via delegation

In our integration tests we do not use the real kube-apiserver setup code, but mock our own. Here I use the actual `cmd/kube-apiserver/app.Run()` func with an testing etcd server. This can test the whole delegation chain of aggregator, apiextensions and kube-apiserver.
 2017-07-12 02:55:15 -07:00
Guangya Liu
104ed33a48 Removed mesos flags from known-flags.txt. 2017-07-12 16:15:00 +08:00
Kubernetes Submit Queue
d396ac53dc Merge pull request #48625 from MrHohn/kube-proxy-metrics-flags 
Automatic merge from submit-queue (batch tested with PRs 47232, 48625, 48613, 48567, 39173)

Make kube-proxy's MetricsBindAddress configurable via flag

**What this PR does / why we need it**: From #48600, `MetricsBindAddress` used to be configurable through flag (coupled with `HealthzBindAddress`). But this functionality went away after #44968 separated healthz server from metrics server. This PR adds that functionality back.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: 

**Special notes for your reviewer**:
/assign @ncdc 
cc @bowei @r0bj

**Release note**:

```release-note
none
```
 2017-07-12 00:10:14 -07:00
Dr. Stefan Schimanski
5835cfbcce kube-apiserver: add integration test with real Run() func 
- for simple Run()
- for aggregation API group priorities
- for CRD creation
 2017-07-12 08:47:25 +02:00
Kubernetes Submit Queue
b07581e60f Merge pull request #47719 from xilabao/fix-set-selector-1 
Automatic merge from submit-queue (batch tested with PRs 48196, 42783, 48507, 47719, 46138)

fix parse resource in setting selector

**What this PR does / why we need it**:

**Which issue this PR fixes**: fixes #47718

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-07-11 23:09:13 -07:00
craig
87f8e79658 Add generated clients. modify codegen script to make modification easier and to allow it to work from the root of the sample server. 
fix issue where binaries not being removed. Add new client packages to lint

put new linted packages in correct location. remove flag from variables

Add all pkgs that should be linted and run sort

Add output from hack/update-bazel.sh

remove genclient=true from FischerList and regenerate client

re update bazel build files

fix missing resource method in register.go
 2017-07-11 19:49:37 +01:00
Tim Allclair
a2f2e1d491 Name change: s/timstclair/tallclair/ 2017-07-10 14:05:46 -07:00
Dr. Stefan Schimanski
cd2552749f godep-save.sh: workaround broken vendor/github.com/docker/docker/project/CONTRIBUTING.md symlink 2017-07-10 13:02:38 +02:00
Dr. Stefan Schimanski
9775a66310 godep-save.sh: add verbosity 2017-07-10 13:02:38 +02:00
Clayton Coleman
cf026a3314
Move SPDY specific code into its own package 2017-07-09 16:11:05 -04:00
Kubernetes Submit Queue
5ca03d674e Merge pull request #48653 from cblecker/verify-godep-fix 
Automatic merge from submit-queue (batch tested with PRs 47040, 48597, 48608, 48653)

Fix godep verify to use godep restore script

**What this PR does / why we need it**:
A bug was introduced in #48615. `hack/verify-godeps.sh` only downloads and compares if godeps have changed, so it wasn't caught on the original PR. However, when it does run (e.g. https://k8s-gubernator.appspot.com/build/kubernetes-jenkins/pr-logs/pull/48630/pull-kubernetes-verify/38350/) it fails because the godep-save script now doesn't permit a compex GOPATH. verify-godeps.sh actually sets one because it restores godeps not using the `hack/godep-restore.sh` script.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```

/assign @sttts
/priority failing-test
 2017-07-08 15:33:28 -07:00
Kubernetes Submit Queue
7201e1c848 Merge pull request #48660 from sttts/sttts-hack-owners 
Automatic merge from submit-queue

hack/OWNERS: add myself (sttts)
 2017-07-08 07:09:57 -07:00
Kubernetes Submit Queue
ed66bfd2a1 Merge pull request #48604 from sttts/sttts-remove-tpr-example 
Automatic merge from submit-queue (batch tested with PRs 48497, 48604, 48599, 48560, 48546)

client-go: remove TPR example

Now that the TPR api is gone (https://github.com/kubernetes/kubernetes/issues/48152).
 2017-07-08 07:09:33 -07:00
Kubernetes Submit Queue
af3dde34a6 Merge pull request #48497 from shiywang/move 
Automatic merge from submit-queue (batch tested with PRs 48497, 48604, 48599, 48560, 48546)

Move pkg/apimachinery/test to apimachinery

Fixes https://github.com/kubernetes/kubernetes/issues/48265

for circular dependency reason, all the test file contain both `"k8s.io/apimachinery/pkg/apis/meta/v1"` and `"k8s.io/apimachinery/pkg/runtime"` is hard to move to a ideal location, so I create a separated test package for those files

I also bump the example package :https://github.com/kubernetes/kubernetes/tree/master/staging/src/k8s.io/apiserver/pkg/apis/example here for apimachinery, @sttts told me it's ok if to bump file if only for test   EDIT: seems it's no need to bump, will update soon
```
NONE
```
 2017-07-08 07:09:31 -07:00
Dr. Stefan Schimanski
bc80a679c4 hack/OWNERS: add myself (sttts) 2017-07-08 11:01:03 +02:00
Kubernetes Submit Queue
6cd6d89d40 Merge pull request #48410 from xiangpengzhao/remove-empty-util-dir 
Automatic merge from submit-queue (batch tested with PRs 47234, 48410, 48514, 48529, 48348)

Remove unused sub-pkgs in pkg/util

**What this PR does / why we need it**:
Remove no longer used sug-pkgs in pkg/util

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #48386

**Special notes for your reviewer**:
/cc @deads2k 

**Release note**:

```release-note
NONE
```
 2017-07-07 23:53:34 -07:00
Christoph Blecker
8b3bf13806
Fix godep verify to use godep restore script 2017-07-07 23:16:54 -07:00
Christoph Blecker
2b111c5a55
Run verify-godeps.sh fully if hack/ dir changes 2017-07-07 23:16:37 -07:00
Shiyang Wang
da4a875ef8 Move pkg/apimachinery/test to apimachinery 2017-07-08 08:48:38 +08:00
Zihong Zheng
a4e359aa12 Make kube-proxy's MetricsBindAddress configurable via flag 2017-07-07 12:46:20 -07:00
Dr. Stefan Schimanski
918721078f godep-save.sh: add sanity checks 2017-07-07 21:16:34 +02:00
Dr. Stefan Schimanski
b34464241d client-go: remove TPR example 2017-07-07 14:13:46 +02:00
xilabao
0ba41e7285 fix parse resource in setting selector 2017-07-07 10:36:29 +08:00
Kubernetes Submit Queue
b00df7eb89 Merge pull request #47435 from luxas/kubeadm_new_selfhosting 
Automatic merge from submit-queue (batch tested with PRs 47435, 46044)

kubeadm: Make self-hosting work and split it out to a phase

**What this PR does / why we need it**:

 - Removes the old self-hosting code
 - Puts the new self-hosting code in `phases/selfhosting`
   - The new code reads manifests from disk (static pods)...
   - ...mutates the PodSpec as necessary...
   - ...and posts the DaemonSet to the API Server...
   - ...and waits for it to come up
 - Uses DaemonSets for all control plane components
 - Creates a `kubeadm alpha phase selfhosting` command that can be invoked against any kubeadm-cluster after install.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

fixes: https://github.com/kubernetes/kubeadm/issues/127
(large part of at least)

**Special notes for your reviewer**:

Please only review the fourth commit, based on https://github.com/kubernetes/kubernetes/pull/47345

**Release note**:

```release-note
kubeadm: Make self-hosting work by using DaemonSets and split it out to a phase that can be invoked via the CLI
```
@kubernetes/sig-cluster-lifecycle-pr-reviews @jbeda
 2017-07-06 12:43:39 -07:00
Lucas Käldström
9f1c5a6f0f
kubeadm self-hosting: unit tests and bazel 2017-07-06 20:54:47 +03:00
Kubernetes Submit Queue
9cfb0ae565 Merge pull request #48508 from mengqiy/fix_term 
Automatic merge from submit-queue

fix cross build

Fix the issue introduced in #48299 which breaks cross-build (https://github.com/kubernetes/kubernetes/pull/48299#issuecomment-312846398).
move setsize.go and setsize_unsupported.go back to util/term for kubelet.
move unmark_windows.go as well.

```release-note
NONE
```
 2017-07-06 00:08:49 -07:00
Kubernetes Submit Queue
c0c3fe011c Merge pull request #48292 from mml/fnord 
Automatic merge from submit-queue (batch tested with PRs 48292, 48121)

Return a slightly more verbose error when "go get" fails.
 2017-07-05 17:41:38 -07:00
Kubernetes Submit Queue
b39a0a7482 Merge pull request #48489 from xiangpengzhao/check-golint 
Automatic merge from submit-queue (batch tested with PRs 48309, 48489)

Check if golint exists first in hack/verify-golint.sh

**What this PR does / why we need it**:
Check if golint exists first in hack/verify-golint.sh

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #48488

**Special notes for your reviewer**:
nope.

**Release note**:

```release-note
NONE
```
 2017-07-05 15:50:12 -07:00
Matt Liggett
421166db0f Fix e2e_test.go 2017-07-05 14:24:25 -07:00
ymqytw
ce561b2044 fix cross build for windows 2017-07-05 12:42:41 -07:00
deads2k
254e71bfc6 bulk delete of tpr packages 2017-07-05 11:02:23 -04:00
Manjunath A Kumatagi
5447ec97f0 Move test-webserver from contrib/for-demos to kubernetes/test/images 2017-07-05 18:55:40 +05:30
Kubernetes Submit Queue
c10cc3decd Merge pull request #48353 from deads2k/tpr-17-delete-01 
Automatic merge from submit-queue (batch tested with PRs 48480, 48353)

remove tpr api access

xref https://github.com/kubernetes/kubernetes/issues/48152

TPR tentacles go pretty deep. This gets us started by removing API access and we'll move down from there.

@kubernetes/sig-api-machinery-misc 
@ironcladlou this should free up the GC implementation since TPRs will no longer be present and failing.

```release-note
Removing TPR api access per https://github.com/kubernetes/kubernetes/issues/48152
```
 2017-07-05 05:49:30 -07:00
xiangpengzhao
c265719759 Check if golint exists first in hack/verify-golint.sh 2017-07-05 14:51:51 +08:00
Kubernetes Submit Queue
0ec36bdc8f Merge pull request #47043 from CaoShuFeng/validate_audit 
Automatic merge from submit-queue

Add Validate() function for audit options

**Release note**:

```
NONE
```
Fixes: #47114
 2017-07-04 08:48:20 -07:00
xiangpengzhao
016f1cfd8f Remove unused sub-pkgs in pkg/util 2017-07-04 12:04:06 +08:00
deads2k
3ee458d246 remove tpr API access 2017-07-03 11:25:59 -04:00
ymqytw
8dac9639e4 split util/slice 2017-06-30 23:04:18 -07:00
Kubernetes Submit Queue
c0337c92cc Merge pull request #47881 from cadmuxe/endpoint 
Automatic merge from submit-queue (batch tested with PRs 47918, 47964, 48151, 47881, 48299)

Add ApiEndpoint support to GCE config.

**What this PR does / why we need it**:
Add the ability to change ApiEndpoint  for GCE.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:
```release-note
None
```
 2017-06-30 18:42:40 -07:00
Tim Hockin
a0db287299 Merge pull request #47934 from wlan0/master 
enable docs and man page autogeneration for cloud-controller-manager
 2017-06-30 16:58:08 -07:00
Kubernetes Submit Queue
a92123c530 Merge pull request #48037 from wanghaoran1988/add_bootstrap_option 
Automatic merge from submit-queue (batch tested with PRs 48295, 48298, 47339, 44910, 48037)

Make the `--controllers` flag configurable in hack/local-up-cluster.sh

**What this PR does / why we need it**:
add options to enable tokencleaner,bootstrapsigner controller for bootstrap token testing

**Release note**:
```
None
```
 2017-06-30 14:34:32 -07:00
Kubernetes Submit Queue
228822a95b Merge pull request #44910 from mkumatag/ppc64le_test_images 
Automatic merge from submit-queue (batch tested with PRs 48295, 48298, 47339, 44910, 48037)

Make Makefiles in `test/images/` compatible with multiple architectures

**What this PR does / why we need it**:
This PR is for making test images multi architecture for different platforms like amd64, arm, arm64, ppc64le
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes  #31331

**Special notes for your reviewer**:
- Actual tests need to be modified to use these images based on the architecture later.
- Not covering the cross building of docker images for `s390x` platform due to problem faced while running containers with `qemu-s390x-static`
- Will submit separate PR for `volume and pet` test images
- This PR depends on - https://github.com/kubernetes/ingress/pull/587

**Release note**:

```NONE```
 2017-06-30 14:34:30 -07:00
Matt Liggett
2ee08591b0 Return a slightly more verbose error when "go get" fails. 2017-06-30 12:06:27 -07:00
Kubernetes Submit Queue
17e19dfce6 Merge pull request #48271 from shyamjvs/cluster-ip-e2e-flag 
Automatic merge from submit-queue

Make cluster IP range an argument to ginkgo to fix firewall test

This should fix the failing "Firewall rule should have correct firewall rules for e2e cluster" test when using a non-default cluster IP range.
(Ref: https://k8s-gubernator.appspot.com/build/kubernetes-jenkins/logs/ci-kubernetes-e2e-gce-enormous-cluster/13#k8sio-firewall-rule-should-have-correct-firewall-rules-for-e2e-cluster)

/cc @kubernetes/sig-network-pr-reviews @gmarek
 2017-06-30 09:26:32 -07:00
Shyam Jeedigunta
c1a76fbb57 Make cluster IP range an argument to ginkgo to fix firewall test 2017-06-30 16:18:18 +02:00
Manjunath A Kumatagi
5f0c16b5d0 Fix verify-golint 2017-06-30 19:42:55 +05:30
Minhan Xia
6da0c11063 add dockershim checkpoint node e2e test 2017-06-29 13:26:09 -07:00
Koonwah Chen
0db5b37165 testing fixed 
hack/verify-gofmt.sh and hack/verify-flags-underscore.py
 2017-06-29 10:42:29 -07:00
Kubernetes Submit Queue
33fc75e223 Merge pull request #47984 from ironcladlou/local-cluster-vmodule 
Automatic merge from submit-queue (batch tested with PRs 46850, 47984)

Enable vmodule support for all components

Support vmodule (via `LOG_SPEC`) for all local cluster components.

```release-note
NONE
```
 2017-06-29 07:18:34 -07:00
Jordan Liggitt
6967ae78b3
Make doc generation on cherry-picks optional 2017-06-26 16:54:11 -04:00
Nikhita Raghunath
52bd0bc713
Fix error in local-cluster-up 
When $GO_OUT is not set, line 152 will output the error:
[: ==: unary operator expected. This occurs because the if condition becomes
if [  == "" ]. This results in an error because == is a binary operator.
 2017-06-26 21:59:01 +05:30
Haoran Wang
38f3a9cc4b add options enable tokencleaner,bootstrapsigner controller 2017-06-26 23:46:55 +08:00
Kubernetes Submit Queue
b042c76d10 Merge pull request #47936 from caesarxuchao/test-api-dependency 
Automatic merge from submit-queue (batch tested with PRs 47650, 47936, 47939, 47986, 48006)

External dependency of k8s.io/api

Fix https://github.com/kubernetes/kubernetes/issues/48007

It's unfortunate that k8s.io/api has external dependencies.

Most of the dependencies are introduced by "k8s.io/apimachinery/pkg/util/intstr" and ugorji.
 2017-06-24 05:15:40 -07:00
Matthew Wong
76a72f6248 Move e2e fromManifest funcs to manifest package 2017-06-23 18:47:42 -04:00
Dan Mace
321ed7f7cf Enable vmodule support for all components 
Support vmodule (via `LOG_SPEC`) for all local cluster components.
 2017-06-23 15:12:35 -04:00
Kubernetes Submit Queue
418c319e0a Merge pull request #47227 from supereagle/correct-script-name 
Automatic merge from submit-queue

correct the name of the script to generate swagger doc

**What this PR does / why we need it**: The name of the script to generate swagger doc is not correct, this PR is to fix it.

**Which issue this PR fixes**: fixes #

**Special notes for your reviewer**:

**Release note**:
```release-note
NONE
```
 2017-06-22 23:27:15 -07:00
Kubernetes Submit Queue
7ecb6cc238 Merge pull request #47095 from MrHohn/fix-e2e-firewall-multizone 
Automatic merge from submit-queue (batch tested with PRs 47922, 47195, 47241, 47095, 47401)

Fix firewall e2e test for multizone CIs

Fixes #46894.

- Getting node/master tags from config instead of instance.
- Don't assume instance always run in default zone.

/assign @freehan 

**Release note**:

```release-note
NONE
```
 2017-06-22 21:33:31 -07:00
Kubernetes Submit Queue
e4af9dccb0 Merge pull request #46923 from dims/nuke-wrapper-go-flags 
Automatic merge from submit-queue (batch tested with PRs 47921, 45984, 46829, 46896, 46923)

Remove unnecessary wrapper flags

**What this PR does / why we need it**:

Drop KUBE_GOFLAGS, KUBE_GOGCFLAGS, KUBE_GOLDFLAGS references
from the build infrastructure

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #47296

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-06-22 20:26:29 -07:00
Kubernetes Submit Queue
a509cbf919 Merge pull request #46829 from cblecker/swagger-dir-fix 
Automatic merge from submit-queue (batch tested with PRs 47921, 45984, 46829, 46896, 46923)

Create output_dir if doesn't exist

**What this PR does / why we need it**:
Minor fix to the swagger spec gen, that if the directory doesn't exist, create it before copying.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-06-22 20:26:24 -07:00
Kubernetes Submit Queue
dafe578377 Merge pull request #45984 from cblecker/hack-vet 
Automatic merge from submit-queue (batch tested with PRs 47921, 45984, 46829, 46896, 46923)

Move govet verify into rest of verify*-.sh scripts

**What this PR does / why we need it**:
Instead of having two govet scripts, consolidate them to into one and have both the Makefile and verify.sh scripts target the same script. This also will allow proper syntax highlighting and timing when the vet script is run as part of `make verify`.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes https://github.com/kubernetes/test-infra/issues/2725

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```

/cc @fejta @rmmh
 2017-06-22 20:26:21 -07:00
Kubernetes Submit Queue
4e1b608391 Merge pull request #45784 from xiangpengzhao/fix-integration-tips 
Automatic merge from submit-queue

Give developer more help info when running integration tests without etcd found.

**What this PR does / why we need it**:
When running integration tests, if etcd version on env is lower than expected, developer will get info `You can use 'hack/install-etcd.sh' to install a copy in third_party/.` It would be better to have the same info if no etcd installed on env.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-06-22 18:53:22 -07:00
wlan0
38b060c4fd enable docs and man page autogeneration for cloud-controller-manager 2017-06-22 17:04:26 -07:00
Chao Xu
8642e6f0c0 include k8s.io/api in update-godep-staging.sh 2017-06-22 16:58:53 -07:00
Chao Xu
339183181d revert hack/update-all to its original form 2017-06-22 11:31:04 -07:00
Chao Xu
593e7c0256 revert!! temporary change to hack/update-all.sh 2017-06-22 11:31:03 -07:00
Chao Xu
83235f940a manually fix hack/verify-staging-imports.sh 
manually fix hack/godep-save.sh

manually fix .linted_packages

squash, manually fix lint

manually fix hack/update-staging-godeps.sh

manually fix update-staging-godeps.sh; let it update godep of client-go
 2017-06-22 11:31:00 -07:00
Chao Xu
633ef0d44d change hack/update-codecgen.sh 2017-06-22 11:30:58 -07:00
Chao Xu
7d5dbdaa09 manually fix protogen 2017-06-22 11:30:58 -07:00
Chao Xu
0a853fec93 hack/lib/init.sh util.sh update-codegen.sh 2017-06-22 11:30:57 -07:00
Chao Xu
bad65b4c95 Don't revert, necessary change to make helpers to include k8s.io/api 
Don't revert, change boundingdirs in Makefile for deepcopy-gen

manually fix pkg/client/clientset_generated/clientset/typed/core/v1/pod_expansion.go because external policy types are moved now
 2017-06-22 11:30:43 -07:00
Kubernetes Submit Queue
98c868d038 Merge pull request #46993 from david-mcmahon/gen-docs 
Automatic merge from submit-queue

Regenerate docs (if necessary) during cherry-pick operations.

This change ensures that cherrypicks are coupled with any related doc generation required.
closes #44533
 2017-06-21 17:32:33 -07:00
Christoph Blecker
97783f9093
Run hack/verify-govet.sh as part of verify make target 
This commit ensures that:
- go vet will be run as part of the make verify target
- the vet make-rule script won't be run directly, as generated_files won't be run in that case
- that go vet errors show up in the build log with a start time, finish time, and SUCCESS/FAILED message as part of the verify make rule script
 2017-06-21 11:10:25 -07:00
mbohlool
222f6ae37f Add test from #47578 2017-06-21 10:56:00 -07:00
Kubernetes Submit Queue
e626d381fb Merge pull request #47331 from wasylkowski/fix-gofmt 
Automatic merge from submit-queue

Fixed the issue with formatting issues not being reported when verification fails

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-06-20 09:06:25 -07:00
Davanum Srinivas
5b3c3665f3 Remove timestamps from docs/api-reference/*/*.html 
If there are 2 or more PR(s) in the queue, they will end up with
conflicts (and rechecks). So let us remove the timestamp entirely
when we generate the files.

Fixes #46814
 2017-06-19 21:41:38 -04:00
Kubernetes Submit Queue
cc645a8c6f Merge pull request #46327 from supereagle/mark-network-plugin-dir-deprecated 
Automatic merge from submit-queue (batch tested with PRs 46327, 47166)

mark --network-plugin-dir deprecated for kubelet

**What this PR does / why we need it**:

**Which issue this PR fixes** : fixes #43967

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-06-19 11:23:54 -07:00
Kubernetes Submit Queue
b6faf34862 Merge pull request #47530 from mindprince/issue-47388-remove-dead-code 
Automatic merge from submit-queue (batch tested with PRs 47530, 47679)

Use cos-stable-59-9460-64-0 instead of cos-beta-59-9460-20-0.

Remove dead code that has now moved to another repo as part of #47467

**Release note**:
```release-note
NONE
```

/sig node
 2017-06-16 20:57:58 -07:00
Kubernetes Submit Queue
d7b631a52d Merge pull request #46883 from ahmetb/clientgo-toc 
Automatic merge from submit-queue

clientgo/examples: add ToC for examples

Also add authenticate- prefix to auth samples. This patch could use some
improvement explaining workqueue and TPR examples as I'm not entirely sure.

/assign @caesarxuchao

Signed-off-by: Ahmet Alp Balkan <ahmetb@google.com>
 2017-06-16 14:14:26 -07:00
Rohit Agarwal
3a86c97cf6 Use cos-stable-59-9460-64-0 instead of cos-beta-59-9460-20-0. 
- It contains a fix for ipaliasing.
- It contains a fix which decouples GPU driver installation from kernel
version.

Remove dead code that has now moved to another repo as part of #47467
 2017-06-16 13:48:50 -07:00
Kubernetes Submit Queue
c31893978b Merge pull request #45918 from juanvallejo/jvallejo/fix-kubectl-set-resources-local 
Automatic merge from submit-queue

fix --local flag for kubectl commands

Fixes https://github.com/kubernetes/kubernetes/issues/47079

**Release note**:
```release-note
NONE
```

Fixes the `--local` flag for `kubectl set ...` sub-commands.
**As of the 1.7 release**, `PrinterForCommand` was updated to [use a mapper and typer for unstructured objects](https://github.com/kubernetes/kubernetes/blob/master/pkg/kubectl/cmd/util/factory_builder.go#L52), which further prevented the use of `--local` when there was no connection to an api server.


**before** (with no connection to a server)
```
$ kubectl set resources -f pod.json --limits=cpu=200m,memory=512Mi --local
error: unable to connect to a server to handle "pods": Get https://10.13.137.149:8443/api: dial tcp 10.13.137.149:8443: getsockopt: connection refused
```

**after** (with no connection to a server)
```
$ kubectl set resources -f pod.json --limits=cpu=200m,memory=512Mi --local
NAME              READY     STATUS    RESTARTS   AGE
mypod   0/1                 0          <unknown>
```

cc @smarterclayton @fabianofranz
 2017-06-16 08:19:13 -07:00
Anthony Yeh
394c6a5980
CRD: Test delete both with and without cascading. 2017-06-14 22:36:45 -07:00
Kubernetes Submit Queue
8cbf3a33d4 Merge pull request #47542 from enisoc/tpr-watch 
Automatic merge from submit-queue (batch tested with PRs 47492, 47542, 46800, 47545, 45764)

Fix TPR watches.

Fixes #47027

TPR watch has been broken since #44350.
 2017-06-14 21:43:41 -07:00
Kubernetes Submit Queue
304106f0f7 Merge pull request #47099 from mengqiy/add_junit_for_cmd_tests 
Automatic merge from submit-queue (batch tested with PRs 47204, 46808, 47432, 47400, 47099)

support junit in test-cmd

Output junit result for cmd tests.

Fixes #45196

There will be a followup PR to refactor the cmd test into functions as test cases there is not a lot changes in `hack/make-rules/test-cmd-util.sh`

```release-note
NONE
```
 2017-06-14 17:14:08 -07:00
Kubernetes Submit Queue
ef20034a04 Merge pull request #47204 from janetkuo/kubectl-apply-change-cause 
Automatic merge from submit-queue (batch tested with PRs 47204, 46808, 47432, 47400, 47099)

Make kubectl apply add change-cause before patching

**What this PR does / why we need it**: We shouldn't patch the project with applied change, and then patch again with the change cause. Otherwise, DaemonSet change cause wouldn't be copied to its history (after the first patch, history will be created with the old change cause). 

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #47210

**Special notes for your reviewer**: 
/assign @mengqiy 
@kubernetes/sig-apps-bugs @kubernetes/sig-cli-maintainers 

**Release note**:

```release-note
NONE
```
 2017-06-14 17:13:54 -07:00
Anthony Yeh
17cbc5e014
Fix TPR watches. 2017-06-14 16:58:49 -07:00
Kubernetes Submit Queue
16640d892f Merge pull request #46135 from krousey/upgrades 
Automatic merge from submit-queue (batch tested with PRs 47470, 47260, 47411, 46852, 46135)

Write reports for each upgrade test

Due to the way Ginkgo runs individual test cases and the level of coordination required for the upgrade tests, they were all run under a single Ginkgo test case. This PR generates and auxiliary report that break out the results of each upgrade test. This is accomplished by:

  1) Wrapping `ginkgo.Fail` and `ginkgo.Skip` to get the actual failure or skip messages.
  2) Recovering that info in the upgrade test to generate an auxiliary report.

I suggest reviewing commit by commit. 

Sample report: https://storage.googleapis.com/krouseytestreports/logs/results/1/artifacts/junit_upgrades.xml

Fixes: #47371
 2017-06-14 12:52:27 -07:00
Kubernetes Submit Queue
d797c219b3 Merge pull request #47260 from yguo0905/perf-dash 
Automatic merge from submit-queue (batch tested with PRs 47470, 47260, 47411, 46852, 46135)

Logs node e2e perf data to standalone json files

Fixes the node-dash-perf issue in https://github.com/kubernetes/kubernetes/issues/44003.

- Move perf data types to `test/e2e/perftype/perftype.go` so that the node-perf-dash can depend on.
- Logs the perf data to standalone json files so that node-perf-dash can consume it easily. A sample run of `ci-kubernetes-node-kubelet-benchmark` is at https://console.cloud.google.com/storage/browser/ygg-gke-dev-bucket/e2e-node-test/ci-kubernetes-node-kubelet-benchmark/1.

The corresponding changes in node-perf-dash is at https://github.com/kubernetes/contrib/pull/2628.

**Release note**:
`None`

/sig node
/area node-e2e
/assign @Random-Liu
 2017-06-14 12:52:18 -07:00
Ahmet Alp Balkan
62d1251874
clientgo/examples: add ToC for examples 
Also add authenticate- prefix to auth samples.

Signed-off-by: Ahmet Alp Balkan <ahmetb@google.com>
 2017-06-13 15:48:40 -07:00
ymqytw
1480f6c368 refactor cmd test case into functions for easier generating junit results 2017-06-13 14:09:06 -07:00
Kubernetes Submit Queue
72a046d858 Merge pull request #43987 from cosmincojocar/azure_plugin_for_client_auth 
Automatic merge from submit-queue (batch tested with PRs 46441, 43987, 46921, 46823, 47276)

Azure plugin for client auth

This is an Azure Active Directory plugin for client authentification. It provides an integration with Azure CLI 2.0 login command. It can also be used standalone, in that case it will use the device code flow to acquire an access token. 

More details are provided in the README.md file. 

https://github.com/kubernetes/kubectl/issues/29

cc @brendandburns @colemickens
 2017-06-13 13:55:45 -07:00
ymqytw
471327f95f output junit for cmd tests 2017-06-13 10:13:23 -07:00
juanvallejo
d036686185
fix --local flag for kubectl set commands 2017-06-13 12:57:05 -04:00
Janet Kuo
03af5233bd Make kubectl apply add change-cause before patching 2017-06-12 23:49:42 -07:00
Kubernetes Submit Queue
aa35738a21 Merge pull request #47075 from janetkuo/ds-history-patch 
Automatic merge from submit-queue

Change what is stored in DaemonSet history `.data`

**What this PR does / why we need it**: 
In DaemonSet history `.data`, store a strategic merge patch that can be applied to restore a DaemonSet. Only PodSpecTemplate is saved. 

This will become consistent with the data stored in StatefulSet history. 

Before this fix, a serialized pod template is stored in `.data`; however, seriazlized pod template isn't a `runtime.RawExtension`, and caused problems when controllers try to patch the history's controller ref. 

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #47008

**Special notes for your reviewer**: @kubernetes/sig-apps-bugs @erictune @kow3ns @kargakis @lukaszo @mengqiy 

**Release note**:

```release-note
NONE
```
 2017-06-12 23:31:08 -07:00
Kris
32db61da76 Adding ginkgowrapper and junit to linted packages 2017-06-12 16:59:54 -07:00
Yang Guo
29b2db5af3 Logs node e2e perf data to standalone json files 2017-06-12 14:27:56 -07:00
Andrzej Wasylkowski
9920fea527 Fixed the issue with formatting issues not being reported when verification fails. 2017-06-12 17:59:08 +02:00
Kubernetes Submit Queue
df1e289888 Merge pull request #47004 from ixdy/bazel-stamp-multiple-packages 
Automatic merge from submit-queue

bazel: stamp multiple packages by using x_defs instead of linkstamp in go_binary rules

**What this PR does / why we need it**: Fixes regression introduced sometime in the last few months that prevented bazel-built clusters from identifying version properly. 

It does so by updating the bazelbuild/rules_go and kubernetes/repo-infra dependencies to support using stamp values in `go_binary` `x_defs`, and then changing our `go_binary` rules to use `x_defs` instead of `linkstamp`.

This whole charade is necessary because we need to stamp version information in multiple packages.

This pretty much only affects the bazel build, so it should be low risk.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #45298

**Special notes for your reviewer**: depends on https://github.com/kubernetes/repo-infra/pull/18; should not be merged before it.

**Release note**:

```release-note
NONE
```

/assign @spxtr @mikedanese
 2017-06-11 00:33:13 -07:00
Janet Kuo
2b8f91e549 Update kubectl rollout to consume .data of DaemonSet history 
Also update tset data to make sure DaemonSet template is replaced, not
merged, when rolling back.
 2017-06-10 10:52:33 -07:00
supereagle
606c32bc92 correct the script name for generating swagger doc 2017-06-09 14:25:32 +08:00
Pengfei Ni
83676175b0 Update hack scripts 2017-06-09 10:13:34 +08:00
Jeff Grafton
64bd79fad7 Convert go_binary linkstamp to x_defs 2017-06-08 14:59:55 -07:00
Jeff Grafton
14e1889372 Disable verify-gofmt bazel test 2017-06-08 14:59:55 -07:00
David McMahon
4d70ec9531 Regenerate docs (if necessary) during cherry-pick operations. 2017-06-08 13:18:20 -07:00
Kubernetes Submit Queue
d16d64f620 Merge pull request #46916 from smarterclayton/secretbox 
Automatic merge from submit-queue (batch tested with PRs 46979, 47078, 47138, 46916)

Add a secretbox and AES-CBC path for encrypt at rest

Add a secretbox and AES-CBC encrypt at rest provider and alter the config, based on feedback from security review.  AES-CBC is more well reviewed and generally fits better with common criteria and FIPS, secretbox is newer and faster than CBC.

```release-note
Add secretbox and AES-CBC encryption modes to at rest encryption.  AES-CBC is considered superior to AES-GCM because it is resistant to nonce-reuse attacks, and secretbox uses Poly1305 and XSalsa20.
```
 2017-06-07 19:01:53 -07:00
Kubernetes Submit Queue
20bf5f2311 Merge pull request #47086 from enisoc/crd-namespace-cleanup 
Automatic merge from submit-queue (batch tested with PRs 47024, 47050, 47086, 47081, 47013)

apiextensions-apiserver: Fix decoding of DeleteOptions.

Fixes #47072 by making apiextensions-apiserver capable of decoding unversioned DeleteOptions, rather than only handling Unstructured objects (i.e. Custom Resources).

This also closes #46736 and #37554 since the added regression test works for TPR as well.
 2017-06-07 16:53:43 -07:00
Kubernetes Submit Queue
43295501a3 Merge pull request #47050 from sttts/sttts-deprecate-tpr-example 
Automatic merge from submit-queue (batch tested with PRs 47024, 47050, 47086, 47081, 47013)

client-go: deprecate TPR example and add CRD example

/cc @nilebox

Part of https://github.com/kubernetes/kubernetes/issues/46702
 2017-06-07 16:53:40 -07:00
Kubernetes Submit Queue
783b940c30 Merge pull request #47088 from mikedanese/integration-race 
Automatic merge from submit-queue

enable race detection on integration tests

Fix an old TODO
 2017-06-07 11:04:57 -07:00
Davanum Srinivas
823e26ddbf Remove unnecessary wrapper flags 
Drop KUBE_GOFLAGS, KUBE_GOGCFLAGS, KUBE_GOLDFLAGS references
from the build infrastructure. There are some usages still
for KUBE_GOFLAGS, so we should print a deprecation message
until all those are fixed. If both KUBE_GOFLAGS and GOFLAGS
are just then we just bail out.
 2017-06-07 12:31:01 -04:00
Dr. Stefan Schimanski
e2b50ac9b8 client-go: deprecate TPR example and add CRD example 2017-06-07 13:45:58 +02:00
Cao Shufeng
cf8e3ccf19 Add Validate() function for audit options 2017-06-07 16:53:02 +08:00
Kubernetes Submit Queue
0613ae5077 Merge pull request #46669 from kow3ns/statefulset-update 
Automatic merge from submit-queue (batch tested with PRs 46235, 44786, 46833, 46756, 46669)

implements StatefulSet update

**What this PR does / why we need it**:
1. Implements rolling update for StatefulSets
2. Implements controller history for StatefulSets.
3. Makes StatefulSet status reporting consistent with DaemonSet and ReplicaSet.

https://github.com/kubernetes/features/issues/188

**Special notes for your reviewer**:

**Release note**:
```release-note
Implements rolling update for StatefulSets. Updates can be performed using the RollingUpdate, Paritioned, or OnDelete strategies. OnDelete implements the manual behavior from 1.6. status now tracks 
replicas, readyReplicas, currentReplicas, and updatedReplicas. The semantics of replicas is now consistent with DaemonSet and ReplicaSet, and readyReplicas has the semantics that replicas did prior to this release.
```
 2017-06-07 00:27:53 -07:00
Kubernetes Submit Queue
eae59aaf72 Merge pull request #44786 from tsandall/f8n-scheduling-policy 
Automatic merge from submit-queue (batch tested with PRs 46235, 44786, 46833, 46756, 46669)

federation: Add admission controller for policy-based placement

@nikhiljindal 

Here's the initial version of the scheduling policy admission controller. It's at the point where it would benefit from having another pair of eyes look at it. The main thing I'm unsure of is the serialization of Kube resources for the webhook/query call.

Release Note:

```
The federation-apiserver now supports a SchedulingPolicy admission controller that enables policy-based control over placement of federated resources.
```

Ref #39982
 2017-06-07 00:27:47 -07:00
Zihong Zheng
0acdc89d96 Pipe in GCE master/node tags through flags for e2e test 2017-06-06 17:27:07 -07:00
Mike Danese
64f77ebfb7 enable race detection on integration tests 2017-06-06 16:27:49 -07:00
Kenneth Owens
1a784ef86f Auto generated code for StatefulSet update 2017-06-06 13:47:19 -07:00
Anthony Yeh
6044bea32b
Add test for TPR/CRD namespace cleanup. 2017-06-06 11:45:15 -07:00
Clayton Coleman
23cd6c52ba
Add a secretbox implementation for encryption 
Uses nacl/secretbox
 2017-06-06 10:50:38 -04:00
Dr. Stefan Schimanski
bb663aa7e6 hack/verify-staging-imports.sh: add apiextensions-apiserver 2017-06-06 12:06:31 +02:00
Dr. Stefan Schimanski
33e50da9f4 Rename {kube- ->}apiextensions-{-> api}server 2017-06-06 12:06:31 +02:00
Kubernetes Submit Queue
a552ee61a0 Merge pull request #46672 from smarterclayton/initializer_with_config 
Automatic merge from submit-queue (batch tested with PRs 46967, 46992, 43338, 46717, 46672)

Select initializers from the dynamic configuration

Continues #36721

kubernetes/features#209
 2017-06-05 20:27:50 -07:00
Kubernetes Submit Queue
6b50a5cb39 Merge pull request #43338 from fabianofranz/group_aliases_in_api 
Automatic merge from submit-queue (batch tested with PRs 46967, 46992, 43338, 46717, 46672)

Add group alias names to API resources to allow discovery

**What this PR does / why we need it**: 
Adds `GroupNames []string` to API resources, which represents the list of group aliases that every resource belongs to. 

Partially fixes https://github.com/kubernetes/kubernetes/issues/41353

This moves the logic of "all" (which currently [translates](fbc94c0896/pkg/kubectl/cmd/util/shortcut_restmapper.go (L106)) to "pods,replicationcontrollers,services,...") to the server-side. Will allow clients like `kubectl` to discover group aliases instead of having it hardcoded and the API server to better handle consistency across multiple clients, version skew, etc; and will make "all" un-special and allow other groups to be created.

As a follow-up we'll patch `kubectl` to make groups aliases discoverable and the hardcoded list a fallback while we still have to support it.

Related to https://github.com/kubernetes/kubernetes/pull/42595#issuecomment-286839885.

**Release note**:
```release-note
Adds the `Categories []string` field to API resources, which represents the list of group aliases (e.g. "all") that every resource belongs to. 
```
@kubernetes/sig-api-machinery-misc @deads2k @bgrant0607
 2017-06-05 20:27:46 -07:00
Kubernetes Submit Queue
8280bd5e1a Merge pull request #46799 from mikedanese/gce-3 
Automatic merge from submit-queue (batch tested with PRs 46972, 42829, 46799, 46802, 46844)

promote tls-bootstrap to beta

last commit of this PR.

Towards https://github.com/kubernetes/kubernetes/issues/46999

```release-note
Promote kubelet tls bootstrap to beta. Add a non-experimental flag to use it and deprecate the old flag.
```
 2017-06-05 17:46:52 -07:00
Kubernetes Submit Queue
f893cddfba Merge pull request #46460 from sakshamsharma/location_transformer 
Automatic merge from submit-queue (batch tested with PRs 46550, 46663, 46816, 46820, 46460)

Add configuration for encryption providers

## Additions

Allows providing a configuration file (using flag `--experimental-encryption-provider-config`) to use the existing AEAD transformer (with multiple keys) by composing mutable transformer, prefix transformer (for parsing providerId), another prefix transformer (for parsing keyId), and AES-GCM transformers (one for each key). Multiple providers can be configured using the configuration file.

Example configuration:
```
kind: EncryptionConfig
apiVersion: v1
resources:
  - resources:
    - namespaces
    providers:
    - aes:
        keys:
        - name: key1
          secret: c2vjcmv0iglzihnly3vyzq==
        - name: key2
          secret: dghpcybpcybwyxnzd29yza==
    - identity: {}
```

Need for configuration discussed in:
#41939
[Encryption](3418b4e4c6/contributors/design-proposals/encryption.md)

**Pathway of a read/write request**:
1. MutableTransformer
2. PrefixTransformer reads the provider-id, and passes the request further if that matches.
3. PrefixTransformer reads the key-id, and passes the request further if that matches.
4. GCMTransformer tries decrypting and authenticating the cipher text in case of reads. Similarly for writes.

## Caveats
1. To keep the command line parameter parsing independent of the individual transformer's configuration, we need to convert the configuration to an `interface{}` and manually parse it in the transformer. Suggestions on better ways to do this are welcome.

2. Flags `--encryption-provider` and `--encrypt-resource` (both mentioned in [this document](3418b4e4c6/contributors/design-proposals/encryption.md) ) are not supported in this because they do not allow more than one provider, and the current format for the configuration file possibly supersedes their functionality.

3. Currently, it can be tested by adding `--experimental-encryption-provider-config=config.yml` to `hack/local-up-cluster.sh` on line 511, and placing the above configuration in `config.yml` in the root project directory.

Previous discussion on these changes:
https://github.com/sakshamsharma/kubernetes/pull/1

@jcbsmpsn @destijl @smarterclayton

## TODO
1. Investigate if we need to store keys on disk (per [encryption.md](3418b4e4c6/contributors/design-proposals/encryption.md (option-1-simple-list-of-keys-on-disk)))
2. Look at [alpha flag conventions](https://github.com/kubernetes/kubernetes/blob/master/pkg/features/kube_features.go)
3. Need to reserve `k8s:enc` prefix formally for encrypted data. Else find a better way to detect transformed data.
 2017-06-05 16:43:48 -07:00
Fabiano Franz
058f9b4f32 Add group alias names to discovery in registry 2017-06-05 20:18:12 -03:00
Clayton Coleman
034f06d7e4
Remove Initializers from federation 2017-06-05 19:12:36 -04:00
mbohlool
c7ae61b38b Add OpenAPI README file 2017-06-05 13:18:07 -07:00
Mike Danese
cdcfa35c2a promote tls-bootstrap to beta 2017-06-05 12:20:58 -07:00
Torin Sandall
470e99c6a5 federation: Add admission controller for policy-based placement 2017-06-05 07:58:59 -07:00
Janet Kuo
edabdac094 Implement kubectl rollout history and undo for DaemonSet 2017-06-03 17:10:57 -07:00
Kubernetes Submit Queue
07f85565a2 Merge pull request #36721 from smarterclayton/initializers 
Automatic merge from submit-queue

Add initializer support to admission and uninitialized filtering to rest storage

Initializers are the opposite of finalizers - they allow API clients to react to object creation and populate fields prior to other clients seeing them.

High level description:

1. Add `metadata.initializers` field to all objects
2. By default, filter objects with > 0 initializers from LIST and WATCH to preserve legacy client behavior (known as partially-initialized objects)
3. Add an admission controller that populates .initializer values per type, and denies mutation of initializers except by certain privilege levels (you must have the `initialize` verb on a resource)
4. Allow partially-initialized objects to be viewed via LIST and WATCH for initializer types
5. When creating objects, the object is "held" by the server until the initializers list is empty
6. Allow some creators to bypass initialization (set initializers to `[]`), or to have the result returned immediately when the object is created.

The code here should be backwards compatible for all clients because they do not see partially initialized objects unless they GET the resource directly. The watch cache makes checking for partially initialized objects cheap. Some reflectors may need to change to ask for partially-initialized objects.

```release-note
Kubernetes resources, when the `Initializers` admission controller is enabled, can be initialized (defaulting or other additive functions) by other agents in the system prior to those resources being visible to other clients.  An initialized resource is not visible to clients unless they request (for get, list, or watch) to see uninitialized resources with the `?includeUninitialized=true` query parameter.  Once the initializers have completed the resource is then visible.  Clients must have the the ability to perform the `initialize` action on a resource in order to modify it prior to initialization being completed.
```
 2017-06-03 07:16:52 -07:00
Irfan Ur Rehman
bc9852fca4 [Federation][Kubefed] Support documentation for kubefed and its sub commands 2017-06-03 17:11:36 +05:30
Cao Shufeng
c28efb85ff add cmd test for kubectl auth can-i 2017-06-03 17:01:00 +08:00
Kubernetes Submit Queue
e837c3bbc2 Merge pull request #46388 from lavalamp/whitlockjc-generic-webhook-admission 
Automatic merge from submit-queue (batch tested with PRs 46239, 46627, 46346, 46388, 46524)

Dynamic webhook admission control plugin

Unit tests pass.

Needs plumbing:
* [ ] service resolver (depends on @wfender PR)
* [x] client cert (depends on ????)
* [ ] hook source (depends on @caesarxuchao PR)

Also at least one thing will need to be renamed after Chao's PR merges.

```release-note
Allow remote admission controllers to be dynamically added and removed by administrators.  External admission controllers make an HTTP POST containing details of the requested action which the service can approve or reject.
```
 2017-06-02 23:37:42 -07:00
Clayton Coleman
4ce3907639
Add Initializers to all admission control paths by default 2017-06-02 22:09:04 -04:00
Kubernetes Submit Queue
5bf5d45c2b Merge pull request #46192 from cblecker/verify-dockerized 
Automatic merge from submit-queue (batch tested with PRs 46801, 45184, 45930, 46192, 45563)

Exclude dockerized verify patterns

**What this PR does / why we need it**:
Change some of the `make verify` logic to allow excluding based on a pattern. Add the `verify-*-dockerized.sh` pattern to the excluded list.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-06-02 18:05:57 -07:00
Kubernetes Submit Queue
caead74171 Merge pull request #45184 from DirectXMan12/feature/metrics-client-gen-tweaks 
Automatic merge from submit-queue (batch tested with PRs 46801, 45184, 45930, 46192, 45563)

Tweak client-gen to support metrics API

This PR adds support to client-gen for readonly APIs as well as for customizing the resource name used for a given type.

This is required to support the clients generated for `k8s.io/metrics/pkg/apis/metrics`.

cc @caesarxuchao 

Currently based on #45180

**Release note**:
```release-note
NONE
```
 2017-06-02 18:05:50 -07:00
Kubernetes Submit Queue
dcf19e8865 Merge pull request #45865 from caesarxuchao/remove-exception 
Automatic merge from submit-queue

remove exception in verify-no-vendor-cycles.sh

The exception is fixed by https://github.com/kubernetes/kubernetes/pull/45758.
 2017-06-02 13:02:18 -07:00
Kubernetes Submit Queue
97a5d37841 Merge pull request #40848 from smarterclayton/serverside_get 
Automatic merge from submit-queue (batch tested with PRs 46432, 46701, 46326, 40848, 46396)

Add a server side Get operation

Implement proposal kubernetes/community#363

```release-note
The Kubernetes API supports retrieving tabular output for API resources via a new mime-type `application/json;as=Table;v=v1alpha1;g=meta.k8s.io`.  The returned object (if the server supports it) will be of type `meta.k8s.io/v1alpha1` with `Table`, and contain column and row information related to the resource.  Each row will contain information about the resource - by default it will be the object metadata, but callers can add the `?includeObject=Object` query parameter and receive the full object.  In the future kubectl will use this to retrieve the results of `kubectl get`.
```
 2017-06-02 11:47:11 -07:00
Christoph Blecker
f75274e04e
Create output_dir if doesn't exist 2017-06-01 23:09:14 -07:00
Saksham Sharma
9760d00d08 Add configuration options for encryption providers 
Add location transformer, config for transformers

Location transformer helps choose the most specific transformer for
read/write operations depending on the path of resource being accessed.

Configuration allows use of --experimental-encryption-provider-config
to set up encryption providers. Only AEAD is supported at the moment.

Add new files to BUILD, AEAD => k8s-aes-gcm

Use group resources to select encryption provider

Update tests for configuration parsing

Remove location transformer

Allow specifying providers per resource group in configuration

Add IdentityTransformer configuration option

Fix minor issues with initial AEAD implementation

Unified parsing of all configurations

Parse configuration using a union struct

Run configuration parsing in APIserver, refactor parsing

More gdoc, fix minor bugs

Add test coverage for combined transformers

Use table driven tests for encryptionconfig
 2017-06-01 20:25:11 -07:00
Kubernetes Submit Queue
f7a1f10275 Merge pull request #45919 from ericchiang/audit-webhook-backend 
Automatic merge from submit-queue

apiserver: add a webhook implementation of the audit backend

This builds off of #45315 and is intended to implement an interfaced defined in #45766.

TODO:

- [x] Rebase on top of API types PR.
- [x] Rebase on top of API types updates (#46065)
- [x] Rebase on top of feature flag (#46009)
- [x] Rebase on top of audit instrumentation.
- [x] Hook up API server flag or register plugin (depending on #45766)

Features issue https://github.com/kubernetes/features/issues/22

Design proposal https://github.com/kubernetes/community/blob/master/contributors/design-proposals/auditing.md

```release-notes
Webhook added to the API server which omits structured audit log events.
```

/cc @soltysh @timstclair @soltysh @deads2k
 2017-06-01 13:41:59 -07:00
Kubernetes Submit Queue
62435edeff Merge pull request #46448 from dashpole/disk_eviction_defaults 
Automatic merge from submit-queue

Set Kubelet Disk Defaults for the 1.7 release

The `--low-diskspace-threshold-mb` flag has been depreciated since 1.6.
This PR sets the default to `0`, and sets defaults for disk eviction based on the values used for our [e2e tests](https://github.com/kubernetes/kubernetes/blob/master/test/e2e_node/services/kubelet.go#L145).
This also removes the custom defaults for vagrant, as the new defaults should work for it as well.

/assign @derekwaynecarr 
cc @vishh 

```release-note
By default, --low-diskspace-threshold-mb is not set, and --eviction-hard includes "nodefs.available<10%,nodefs.inodesFree<5%"
```
 2017-06-01 10:04:27 -07:00
Kubernetes Submit Queue
d3554ac0ce Merge pull request #46709 from wanghaoran1988/fix_46691 
Automatic merge from submit-queue

Disable all alpha feature gates by default in local-up-cluster.sh

**What this PR does / why we need it**:
Disable all alpha feature gates by default in local-up-cluster.sh
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #46691

**Special notes for your reviewer**:

**Release note**:
```
None
```
 2017-06-01 08:18:15 -07:00
Kubernetes Submit Queue
555fdf425d Merge pull request #46777 from sttts/sttts-inverse-verify-staging-imports-logic 
Automatic merge from submit-queue

hack/verify-staging-imports.sh: simplify by negating package list

The forbidden list of repos got lengthy. The inverse is much shorter and easiert to maintain.
 2017-06-01 07:11:13 -07:00
supereagle
dc9f0f9729 mark --network-plugin-dir deprecated for kubelet, and update related bootstrap scripts 2017-06-01 22:06:44 +08:00
Dr. Stefan Schimanski
2b26a946a2 hack/verify-staging-imports.sh: simplify by negating package list 2017-06-01 14:49:13 +02:00
Kubernetes Submit Queue
98e5496aa2 Merge pull request #46677 from enisoc/tpr-migrate-etcd 
Automatic merge from submit-queue (batch tested with PRs 43505, 45168, 46439, 46677, 46623)

Add TPR to CRD migration helper.

This is a helper for migrating TPR data to CustomResource. It's rather hacky because it requires crossing apiserver boundaries, but doing it this way keeps the mess contained to the TPR code, which is scheduled for deletion anyway.

It's also not completely hands-free because making it resilient enough to be completely automated is too involved to be worth it for an alpha-to-beta migration, and would require investing significant effort to fix up soon-to-be-deleted TPR code. Instead, this feature will be documented as a best-effort helper whose results should be verified by hand.

The intended benefit of this over a totally manual process is that it should be possible to copy TPR data into a CRD without having to tear everything down in the middle. The process would look like this:

1. Upgrade to k8s 1.7. Nothing happens to your TPRs.
1. Create CRD with group/version and resource names that match the TPR. Still nothing happens to your TPRs, as the CRD is hidden by the overlapping TPR.
1. Delete the TPR. The TPR data is converted to CustomResource data, and the CRD begins serving at the same REST path.

Note that the old TPR data is left behind by this process, so watchers should not receive DELETE events. This also means the user can revert to the pre-migration state by recreating the TPR definition.

Ref. https://github.com/kubernetes/kubernetes/issues/45728
 2017-06-01 05:43:44 -07:00
Kubernetes Submit Queue
c365829d01 Merge pull request #46487 from CaoShuFeng/LANG 
Automatic merge from submit-queue (batch tested with PRs 46686, 45049, 46323, 45708, 46487)

set LANG to 'C' in Makefile

Now we support multi-languages:
https://github.com/kubernetes/kubernetes/tree/master/translations

But some tests support only English. This test fails when LANG is set to zh_CN.UTF-8:
https://github.com/kubernetes/kubernetes/blob/master/hack/make-rules/test-cmd-util.sh#L2838
The expected err string is translated to Chinese:
https://github.com/kubernetes/kubernetes/blob/master/translations/kubectl/zh_CN/LC_MESSAGES/k8s.po#L82

**Release note**:

```
NONE
```
 2017-06-01 03:42:12 -07:00
Kubernetes Submit Queue
3e1d68624e Merge pull request #46323 from marun/fed-kubefed-beta-storage-class-annotation 
Automatic merge from submit-queue (batch tested with PRs 46686, 45049, 46323, 45708, 46487)

[Federation][kubefed]: Use StorageClassName for etcd pvc

This PR updates kubefed to use the StorageClassName field [added in 1.6](http://blog.kubernetes.io/2017/03/dynamic-provisioning-and-storage-classes-kubernetes.html
) for etcd's pvc to allow the user to specify which storage class they want to use.  If no value is provided to ``kubefed init``, the field will not be set, and initialization of the pvc may fail on a cluster without a default storage class configured.

The alpha annotation that was previously used (``volume.alpha.kubernetes.io/storage-class``) was deprecated as of 1.4 according to the following blog post:

http://blog.kubernetes.io/2016/10/dynamic-provisioning-and-storage-in-kubernetes.html

**Release note**:

```
'kubefed init' has been updated to support specification of the storage class (via --etcd-pv-storage-class) for the Persistent Volume Claim (PVC) used for etcd storage.  If --etcd-pv-storage-class is not specified, the default storage class configured for the cluster will be used.
```

cc: @kubernetes/sig-federation-pr-reviews
 2017-06-01 03:42:07 -07:00
Kubernetes Submit Queue
bcc674bc9c Merge pull request #46686 from CaoShuFeng/deprecated-flags 
Automatic merge from submit-queue (batch tested with PRs 46686, 45049, 46323, 45708, 46487)

Update deprecated flags for "make test-cmd"

**Release note**:

```
NONE
```
 2017-06-01 03:42:03 -07:00
xilabao
fe4afa8643 allow output patch string in edit command 2017-06-01 14:53:17 +08:00
Anthony Yeh
ba59e14d44
Add TPR to CRD migration helper. 2017-05-31 19:07:38 -07:00
Christoph Blecker
079abb9ec9
Exclude dockerized verify patterns 2017-05-31 18:08:16 -07:00
Daniel Smith
d6e1140b5d Implement dynamic admission webhooks 
Also fix a bug in rest client
 2017-05-31 16:38:46 -07:00
Jeremy Whitlock
83d3d59ce0 add "install" package for admission API group 
To properly register the types in the admission API group we need to
create an "install" package and wire it up.  This is required by the
webhook admission controller being developed as part of
https://github.com/kubernetes/community/pull/132
 2017-05-31 11:41:10 -07:00
Eric Chiang
a88e0187f9 apiserver: add a webhook implementation of the audit backend 2017-05-31 09:45:23 -07:00
Haoran Wang
cadbcf9419 Disable all alpha feature gates by default 2017-05-31 23:30:00 +08:00
Dr. Stefan Schimanski
781d27acac hack/update-swagger-spec.sh: use posix regex syntax 2017-05-31 11:57:03 +02:00
Kubernetes Submit Queue
c79df64306 Merge pull request #46242 from ahmetb/clientgo-examples/crud-deployment 
Automatic merge from submit-queue

clientgo/examples: Add CRUD Deployment sample
 2017-05-31 01:54:07 -07:00
Cao Shufeng
33cecc3499 Update deprecated flags for "make test-cmd" 2017-05-31 15:20:09 +08:00
Cao Shufeng
58c6200764 set LANG to 'C' for "make test-cmd" 
Now we support multi-languages:
https://github.com/kubernetes/kubernetes/tree/master/translations

But some tests support only English. This test fails when LANG is set to zh_CN.UTF-8:
https://github.com/kubernetes/kubernetes/blob/master/hack/make-rules/test-cmd-util.sh#L2838
The expected err string is translated to Chinese:
https://github.com/kubernetes/kubernetes/blob/master/translations/kubectl/zh_CN/LC_MESSAGES/k8s.po#L82
 2017-05-31 13:44:16 +08:00
Kubernetes Submit Queue
5995690396 Merge pull request #46076 from liggitt/node-authorizer 
Automatic merge from submit-queue

Node authorizer

This PR implements the authorization portion of https://github.com/kubernetes/community/blob/master/contributors/design-proposals/kubelet-authorizer.md and kubernetes/features#279:
* Adds a new authorization mode (`Node`) that authorizes requests from nodes based on a graph of related pods,secrets,configmaps,pvcs, and pvs:
  * Watches pods, adds edges (secret -> pod, configmap -> pod, pvc -> pod, pod -> node)
  * Watches pvs, adds edges (secret -> pv, pv -> pvc)
  * When both Node and RBAC authorization modes are enabled, the default RBAC binding that grants the `system:node` role to the `system:nodes` group is not automatically created.
* Tightens the `NodeRestriction` admission plugin to require identifiable nodes for requests from users in the `system:nodes` group.

This authorization mode is intended to be used in combination with the `NodeRestriction` admission plugin, which limits the pods and nodes a node may modify. To enable in combination with RBAC authorization and the NodeRestriction admission plugin:
* start the API server with `--authorization-mode=Node,RBAC --admission-control=...,NodeRestriction,...`
* start kubelets with TLS boostrapping or with client credentials that place them in the `system:nodes` group with a username of `system:node:<nodeName>`

```release-note
kube-apiserver: a new authorization mode (`--authorization-mode=Node`) authorizes nodes to access secrets, configmaps, persistent volume claims and persistent volumes related to their pods.
* Nodes must use client credentials that place them in the `system:nodes` group with a username of `system:node:<nodeName>` in order to be authorized by the node authorizer (the credentials obtained by the kubelet via TLS bootstrapping satisfy these requirements)
* When used in combination with the `RBAC` authorization mode (`--authorization-mode=Node,RBAC`), the `system:node` role is no longer automatically granted to the `system:nodes` group.
```

```release-note
RBAC: the automatic binding of the `system:node` role to the `system:nodes` group is deprecated and will not be created in future releases. It is recommended that nodes be authorized using the new `Node` authorization mode instead. Installations that wish to continue giving all members of the `system:nodes` group the `system:node` role (which grants broad read access, including all secrets and configmaps) must create an installation-specific ClusterRoleBinding.
```

Follow-up:
- [ ] enable e2e CI environment with admission and authorizer enabled (blocked by kubelet TLS bootstrapping enablement in https://github.com/kubernetes/kubernetes/pull/40760)
- [ ] optionally enable this authorizer and admission plugin in kubeadm
- [ ] optionally enable this authorizer and admission plugin in kube-up
 2017-05-30 22:42:54 -07:00
xiangpengzhao
0cacf526b2 Suggest user to use 'hack/install-etcd.sh' when running integration tests without etcd found. 2017-05-31 11:39:34 +08:00
Kubernetes Submit Queue
438e737657 Merge pull request #46415 from shiywang/prvent304 
Automatic merge from submit-queue (batch tested with PRs 46635, 45619, 46637, 45059, 46415)

Update url information to prevent http 304 redirection

Although repo [https://github.com/GoogleCloudPlatform/kubernetes](https://github.com/GoogleCloudPlatform/kubernetes) still can be access, but I think one more 304 redirection is no needed

```release-note
NONE
```
 2017-05-30 19:49:04 -07:00
Kubernetes Submit Queue
40dcbc4eb3 Merge pull request #46461 from ncdc/e2e-suite-metrics 
Automatic merge from submit-queue

Support grabbing test suite metrics

**What this PR does / why we need it**:
Add support for grabbing metrics that cover the entire test suite's execution.

Update the "interesting" controller-manager metrics to match the
current names for the garbage collector, and add namespace controller
metrics to the list.

If you enable `--gather-suite-metrics-at-teardown`, the metrics file is written to a file with a name such as `MetricsForE2ESuite_2017-05-25T20:25:57Z.json` in the `--report-dir`. If you don't specify `--report-dir`, the metrics are written to the test log output.

I'd like to enable this for some of the `pull-*` CI jobs, which will require a separate PR to test-infra.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```

@kubernetes/sig-testing-pr-reviews @smarterclayton @wojtek-t @gmarek @derekwaynecarr @timothysc
 2017-05-30 16:41:49 -07:00
Jordan Liggitt
fc8e915a4b
Add Node authorization mode based on graph of node-related objects 2017-05-30 16:53:03 -04:00
Jordan Liggitt
48a9357926
Add PV util for extracting referenced secrets 2017-05-30 15:12:30 -04:00
Ahmet Alp Balkan
d75710f9f4
client-go: Add CRUD Deployment sample 
This sample adds sample code for create/list/replace/delete operations for
Deployment resource for client-go library. This patch also contains
documentation explaining what the example application does and how it can be
executed.

This patch is part of the body of work improving the client library samples.

Signed-off-by: Ahmet Alp Balkan <ahmetb@google.com>
 2017-05-30 09:52:53 -07:00
Kubernetes Submit Queue
d621ebce89 Merge pull request #46116 from ncdc/storageclass-etcd-upgrade 
Automatic merge from submit-queue

Support storageclass storage updates to v1

**What this PR does / why we need it**: enable cluster administrators to update storageclasses stored in etcd from storage.k8s.io/v1beta1 to storage.k8s.io/v1. 

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**: I had a hard time getting the test to work with how it was handling KUBE_API_VERSIONS and RUNTIME_CONFIG. I would appreciate some extra review attention there. Also, I had to hack in a `cluster-scoped` "namespace" to get the verification portions of the test script to work. I'm definitely open to ideas for how to improve that if needed.

**Release note**:

```release-note
Support updating storageclasses in etcd to storage.k8s.io/v1. You must do this prior to upgrading to 1.8.
```

cc @kubernetes/sig-storage-pr-reviews @kubernetes/sig-api-machinery-pr-reviews @jsafrane @deads2k @saad-ali @enj
 2017-05-30 09:31:11 -07:00
deads2k
ce681fe47c move CRD from alpha to beta 2017-05-30 07:57:26 -04:00
Kubernetes Submit Queue
a4e730336d Merge pull request #46566 from xychu/kube-apiserver 
Automatic merge from submit-queue (batch tested with PRs 46561, 46566)

Fix golint errors in cmd/kube-apiserver

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
```
 2017-05-30 02:50:57 -07:00
Kubernetes Submit Queue
c866355894 Merge pull request #46561 from zhangxiaoyu-zidif/return-nil-e2e 
Automatic merge from submit-queue (batch tested with PRs 46561, 46566)

Return nil when err is nil

**What this PR does / why we need it**:
Return nil directly when err is nil

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-05-30 02:50:55 -07:00
Kubernetes Submit Queue
cc432dbc77 Merge pull request #46594 from xychu/golint 
Automatic merge from submit-queue

Fix golint error in apimachinery/pkg/{fields,lables}

Also add these two packages to linted packages lists



**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
```
 2017-05-29 22:02:20 -07:00
Kubernetes Submit Queue
755d368c4a Merge pull request #45782 from mtaufen/no-snat-test 
Automatic merge from submit-queue

no-snat test

This test checks that Pods can communicate with each other in the same cluster without SNAT.

I intend to create a job that runs this in small clusters (\~3 nodes) at a low frequency (\~once per day) so that we have a signal as we work on allowing multiple non-masquerade CIDRs to be configured (see [kubernetes-incubator/ip-masq-agent](https://github.com/kubernetes-incubator/ip-masq-agent), for example).

/cc @dnardo
 2017-05-29 16:19:46 -07:00
Clayton Coleman
3f41f8fcd1
Add priority and condition to column definitions 
Allow the server to indicate additional information along with each row
and table.
 2017-05-29 18:23:48 -04:00
Ethan Chu
d7485de02a Fix golint error in apimachinery/pkg/{fields,lables} 
Also add these two packages to linted packages lists
 2017-05-29 21:07:00 +08:00
Ethan Chu
ec18533f81 Add cmd/kube-apiserver/app/preflight to linted packages list 2017-05-29 20:57:11 +08:00
Dan Winship
0923f860f1 Regenerate files 2017-05-28 10:11:02 -04:00
Dan Winship
0683e55fc1 Add networking.k8s.io v1 API, with NetworkPolicy 2017-05-28 10:11:01 -04:00
Kubernetes Submit Queue
c2667203e4 Merge pull request #45859 from DirectXMan12/refactor/protobuf-for-metrics 
Automatic merge from submit-queue

Protobuf generation for k8s.io/metrics

This PR introduces protobuf generation for k8s.io/metrics.  Doing so required:

- fixing a bug in `go-to-protobuf` causing the `cast{key,value,type}` values to not be quoted when coming from struct tags (and not auto-injection by `go-to-protobuf` itself).
- Making sure the proto IDL in k8s.io/client-go had a package name of `k8s.io.client_go.xyz` and not `k8s.io.kubernetes.xyz`.

Additionally, I updated `go-to-protobuf` to skip functions and non-public types when composing the import list, which cuts down on the more bizarre imports in the IDL (like importing the sample API package in every IDL file because it contained `addToScheme`, like every other API package).

We use `castvalue` to force gogo-proto to realize that it should consider the value of the map which underlies `ResourceList` when calculating which imports need to be named.  Otherwise, it ignores the value's type, leading to compilation errors when it later can't find an import it assumed existed.  We accidentally didn't hit this in `k8s.io/kubernetes/pkg/api/v1` since another field coincidentally happens to directly use `resource.Quantity` (the value type of `ResourceList`).

**Release note**:
```release-note
NONE
```
 2017-05-27 14:08:46 -07:00
zhangxiaoyu-zidif
6245f34a00 return nil when err is nil 2017-05-27 14:34:45 +08:00
Kubernetes Submit Queue
fdb4fa689e Merge pull request #44742 from cheftako/aggregate 
Automatic merge from submit-queue (batch tested with PRs 46302, 44597, 44742, 46554)

Change to aggregator so it calls a user apiservice via its pod IP.

proxy_handler now does a sideways call to lookup the pod IPs for aservice.
It will then pick a random pod IP to forward the use apiserver request to.

**What this PR does / why we need it**: It allows the aggregator to work without setting up the full network stack on the kube master (i.e. with kube-dns or kube-proxy)

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #44619

**Special notes for your reviewer**:

**Release note**:

```release-note
```
 2017-05-26 20:39:56 -07:00
Solly Ross
7b8e572d8a [go-to-protobuf] generate proto for k8s.io/metrics 
This commit adds the `k8s.io/metrics` APIs to the list of packages for
which to generate protobuf.  Additionally, it adds
`k8s.io/client-go/pkg/apis/v1` as a non-generated (referenced) package.
 2017-05-26 19:59:27 -04:00
Kubernetes Submit Queue
899b6c00ba Merge pull request #45809 from CaoShuFeng/non-resource-url-create-rolebinding 
Automatic merge from submit-queue

support NonResourceURL for kubectl create clusterrole

Release note:
```release-note
add --non-resource-url to kubectl create clusterrole
```
 2017-05-26 16:47:06 -07:00
Walter Fender
ad8a83a7c1 Change to aggregator so it calls a user apiservice via its pod IP. 
proxy_handler now uses the endpoint router to map the cluster IP to
appropriate endpoint (Pod) IP for the given resource.
Added code to allow aggregator routing to be optional.
Updated bazel build.
Fixes to cover JLiggit comments.
Added util ResourceLocation method based on Listers.
Fixed issues from verification steps.
Updated to add an interface to obfuscate some of the routing logic.
Collapsed cluster IP resolution in to the aggregator routing
implementation.
Added 2 simple unit tests for ResolveEndpoint
 2017-05-26 16:10:01 -07:00
Michael Taufen
a653603e13 no-snat test 
Test checks that Pods can communicate with each other in the same
cluster without SNAT.
 2017-05-26 13:45:10 -07:00
Kubernetes Submit Queue
7bc6da0b77 Merge pull request #46294 from caesarxuchao/dynamic-registration-prototype 
Automatic merge from submit-queue (batch tested with PRs 46383, 45645, 45923, 44884, 46294)

Dynamic registration prototype

Implementing the api proposed in https://github.com/kubernetes/community/pull/611.
Wiring the code to serve the api via apiserver.
```release-note
Adding admissionregistration API group which enables dynamic registration of initializers and external admission webhooks. It is an alpha feature.
```
 2017-05-26 12:58:07 -07:00
Kubernetes Submit Queue
bcad534ebc Merge pull request #46058 from jcbsmpsn/configure-certificate-duration 
Automatic merge from submit-queue

Add support for specifying certificate duration at runtime.
 2017-05-26 11:02:03 -07:00
Andy Goldstein
41345418cb Support grabbing test suite metrics 
Update the "interesting" controller-manager metrics to match the
current names for the garbage collector, and add namespace controller
metrics to the list.
 2017-05-26 11:21:27 -04:00
Chao Xu
89e506c46a generated 2017-05-26 00:14:11 -07:00
Chao Xu
bc9b305f17 generated clients 2017-05-26 00:03:53 -07:00
Chao Xu
bc7597853f enable all available api versions when starting apiserver in update-swagger-spec.sh 2017-05-25 23:55:15 -07:00
Kubernetes Submit Queue
7d37a2685c Merge pull request #45867 from kow3ns/controller-history 
Automatic merge from submit-queue (batch tested with PRs 46429, 46308, 46395, 45867, 45492)

Controller history

**What this PR does / why we need it**:
Implements the ControllerRevision API object and clientset to allow for the implementation of StatefulSet update and DaemonSet history

```release-note
ControllerRevision type added for StatefulSet and DaemonSet history.
```
 2017-05-25 22:42:08 -07:00
Kubernetes Submit Queue
59ee250ced Merge pull request #46429 from wojtek-t/bump_go_to_183 
Automatic merge from submit-queue (batch tested with PRs 46429, 46308, 46395, 45867, 45492)

Bump Go version to 1.8.3

This PR also removed this patched version of Go 1.8.1 which we used to use to workaround performance problem of Go 1.8.1.

Fix https://github.com/kubernetes/kubernetes/issues/45216
Ref #46391

@timothysc @bradfitz
 2017-05-25 22:42:01 -07:00
Cao Shufeng
93e50b167e support NonResourceURL for kubectl create clusterrole 2017-05-26 10:07:44 +08:00
Kenneth Owens
ba128e6e41 Implements ControllerRevision API Object without codec and code 
generation
 2017-05-25 11:38:57 -07:00
Wojciech Tyczynski
97b6701ea1 Get rid of patched version of Go 1.8.1 2017-05-25 20:05:34 +02:00
Monis Khan
a13f026fd0
Panic server on watch errors in test environment 
This change makes it so that errors during watch decoding panic the
server if it is in a test environment.  This allows us to catch coder
errors related to storing incompatible types at the same location in
etcd.

Signed-off-by: Monis Khan <mkhan@redhat.com>
 2017-05-25 13:54:56 -04:00
Maru Newby
2c886e93e9 kubefed: Use StoraceClassName class field for etcd pvc 2017-05-25 10:21:08 -07:00
David Ashpole
b2a60dc9a4 By default, Disable LowDiskSpaceThresholdMB, and enable eviciton for disk 2017-05-25 10:03:35 -07:00
Kubernetes Submit Queue
ed8843406e Merge pull request #46303 from Random-Liu/fix-cos-image-project 
Automatic merge from submit-queue (batch tested with PRs 46299, 46309, 46311, 46303, 46150)

Fix cos image project to cos-cloud.

Addressed https://github.com/kubernetes/kubernetes/pull/45136#discussion_r118092211.

@vishh @yujuhong @dchen1107
 2017-05-24 23:19:09 -07:00
Shiyang Wang
b5cd22641f update url information to prevent http 304 redirection 2017-05-25 14:05:02 +08:00
Jacob Simpson
07e9b0e197 Add support for specifying certificate duration at runtime. 2017-05-24 13:29:46 -07:00
Andy Goldstein
538eb3c6cb Support storageclass storage upgrades to v1 2017-05-24 10:43:56 -04:00
Kubernetes Submit Queue
c2421df336 Merge pull request #46194 from CaoShuFeng/under 
Automatic merge from submit-queue (batch tested with PRs 46149, 45897, 46293, 46296, 46194)

check flag format in file known-flags.txt

All flags in file hack/verify-flags/known-flags.txt should contain
character -, this change check it to prevent adding useless flags
to known-flags.txt
ref #45948 

**Release note**:

```
NONE
```
 2017-05-23 15:49:03 -07:00
Kubernetes Submit Queue
3ff99a8381 Merge pull request #46149 from cjcullen/logtoggle 
Automatic merge from submit-queue

Allow the /logs handler on the apiserver to be toggled.

Adds a flag to kube-apiserver, and plumbs through en environment variable in configure-helper.sh
 2017-05-23 15:19:08 -07:00
Random-Liu
82f588b483 Fix cos image project to cos-cloud. 2017-05-23 15:12:03 -07:00
Kubernetes Submit Queue
1e2105808b Merge pull request #45136 from vishh/cos-nvidia-driver-install 
Automatic merge from submit-queue

Enable "kick the tires" support for Nvidia GPUs in COS

This PR provides an installation daemonset that will install Nvidia CUDA drivers on Google Container Optimized OS (COS).
User space libraries and debug utilities from the Nvidia driver installation are made available on the host in a special directory on the host -
* `/home/kubernetes/bin/nvidia/lib` for libraries
*  `/home/kubernetes/bin/nvidia/bin` for debug utilities

Containers that run CUDA applications on COS are expected to consume the libraries and debug utilities (if necessary) from the host directories using `HostPath` volumes.

Note: This solution requires updating Pod Spec across distros. This is a known issue and will be addressed in the future. Until then CUDA workloads will not be portable.

This PR updates the COS base image version to m59. This is coupled with this PR for the following reasons:
1. Driver installation requires disabling a kernel feature in COS. 
2. The kernel API for disabling this interface changed across COS versions
3. If the COS image update is not handled in this PR, then a subsequent COS image update will break GPU integration and will require an update to the installation scripts in this PR.
4. Instead of having to post `3` PRs, one each for adding the basic installer, updating COS to m59, and then updating the installer again, this PR combines all the changes to reduce review overhead and latency, and additional noise that will be created when GPU tests break.

**Try out this PR**
1. Get Quota for GPUs in any region
2. `export `KUBE_GCE_ZONE=<zone-with-gpus>` KUBE_NODE_OS_DISTRIBUTION=gci`
3. `NODE_ACCELERATORS="type=nvidia-tesla-k80,count=1" cluster/kube-up.sh`
4. `kubectl create -f cluster/gce/gci/nvidia-gpus/cos-installer-daemonset.yaml`
5. Run your CUDA app in a pod.

**Another option is to run a e2e manually to try out this PR**
1. Get Quota for GPUs in any region
2. export `KUBE_GCE_ZONE=<zone-with-gpus>` KUBE_NODE_OS_DISTRIBUTION=gci
3. `NODE_ACCELERATORS="type=nvidia-tesla-k80,count=1"`
4. `go run hack/e2e.go -- --up` 
5. `hack/ginkgo-e2e.sh --ginkgo.focus="\[Feature:GPU\]"`
The e2e will install the drivers automatically using the daemonset and then run test workloads to validate driver integration.

TODO:
- [x] Update COS image version to m59 release.
- [x] Remove sleep from the install script and add it to the daemonset
- [x] Add an e2e that will run the daemonset and run a sample CUDA app on COS clusters.
- [x] Setup a test project with necessary quota to run GPU tests against HEAD to start with https://github.com/kubernetes/test-infra/pull/2759
- [x] Update node e2e serial configs to install nvidia drivers on COS by default
 2017-05-23 10:46:10 -07:00
Anirudh
078f9566d9 PDB MaxUnavailable: kubectl changes 2017-05-23 07:18:44 -07:00
Kubernetes Submit Queue
644a544d62 Merge pull request #46062 from alexandercampbell/correct-deprecation-errors 
Automatic merge from submit-queue (batch tested with PRs 46201, 45952, 45427, 46247, 46062)

kubectl: fix deprecation warning bug

**What this PR does / why we need it**:

Some kubectl commands were deprecated but would fail to print the
correct warning message when a flag was given before the command name.

	# Correctly prints the warning that "resize" is deprecated and
	# "scale" is now preferred.
	kubectl resize [...]

	# Should print the same warning but no warning is printed.
	kubectl --v=1 resize [...]

This was due to a fragile check on os.Args[1].

This commit implements a new function deprecatedCmd() that is used to
construct new "passthrough" commands which are marked as deprecated and
hidden.

Note that there is an existing "filters" system that may be preferable
to the system created in this commit. I'm not sure why the "filters"
array was not used for all deprecated commands in the first place.

**Release note**:

```release-note
NONE
```
 2017-05-22 20:58:07 -07:00
Kubernetes Submit Queue
31bd852ec1 Merge pull request #46247 from marun/fed-override-etcd-default-image 
Automatic merge from submit-queue (batch tested with PRs 46201, 45952, 45427, 46247, 46062)

[Federation][kubefed]: Add support for etcd image override

This PR adds support for overriding the default etcd image used by ``kubefed init`` by providing an argument to ``--etcd-image``.  This is primarily intended to allow consumers like openshift to provide a different default, but as a nice side-effect supports code-free validation of non-default etcd images. 

**Release note**:

```release-note
'kubefed init' now supports overriding the default etcd image name with the --etcd-image parameter.
```
cc: @kubernetes/sig-federation-pr-reviews
 2017-05-22 20:58:05 -07:00
Kubernetes Submit Queue
c6cf666fa1 Merge pull request #45308 from fabianofranz/more_cmd_sanity_checks 
Automatic merge from submit-queue (batch tested with PRs 46022, 46055, 45308, 46209, 43590)

More cli sanity verifications

Adds some more `kubectl` command sanity checks to improve consistency and avoid the need of code reviews for some of our CLI style and standards.

**Release note**:

```release-note
NONE
```
@kubernetes/sig-cli-pr-reviews
 2017-05-22 19:59:59 -07:00
Kubernetes Submit Queue
bb56937b92 Merge pull request #46055 from deads2k/crd-01-embed 
Automatic merge from submit-queue (batch tested with PRs 46022, 46055, 45308, 46209, 43590)

embed kube-apiextensions inside of kube-apiserver

To reduce operation complexity, we decided to include the kube-apiextensions-server inside of kube-apiserver (https://github.com/kubernetes/community/blob/master/sig-api-machinery/api-extensions-position-statement.md#q-should-kube-aggregator-be-a-separate-binaryprocess-than-kube-apiserver).  With the API reasonably well established and a finalizer about merge, I think its time to add ourselves.

This pull wires kube-apiextensions-server ahead of the TPRs so that one will replace the other if both are added by accident (CRDs should have priority) and wires a controller for automatic aggregation.

WIP because I still need tests: unit test for controller, test-cmd test to mirror the TPR test.


```release-note
Adds the `CustomResourceDefinition` (crd) types to the `kube-apiserver`.  These are the successors to `ThirdPartyResource`.  See https://github.com/kubernetes/community/blob/master/contributors/design-proposals/thirdpartyresources.md for more details.
```
 2017-05-22 19:59:57 -07:00
Kubernetes Submit Queue
503a8421fb Merge pull request #38990 from mikedanese/go-genrule-sets 
Automatic merge from submit-queue (batch tested with PRs 38990, 45781, 46225, 44899, 43663)

migrate set generation to go_genrule

Depends on https://github.com/kubernetes/release/pull/238
 2017-05-22 19:06:58 -07:00
Maru Newby
080d1081d0 fed: Add support for etcd image override to kubefed init 2017-05-22 15:16:41 -07:00
CJ Cullen
9dca164ddd Allow the /logs handler on the apiserver to be toggled. 
Change-Id: Ibf173b7f85cf7fffe8482eaee74fb77da2b2588b
 2017-05-22 14:37:24 -07:00
Alexander Campbell
46cdb3966c test-cmd-util: fix deprecated commands test 
Additionally, move the test down to ensure definition order matches run
order.
 2017-05-22 13:39:51 -07:00
Alexander Campbell
c9c8d61048 Merge branch 'master' into correct-deprecation-errors 2017-05-22 09:55:07 -07:00
deads2k
446e959bf7 make CRD apiservice controller 2017-05-22 08:54:14 -04:00
Cao Shufeng
3aa71aa193 check flag format in file known-flags.txt 
All flags in file hack/verify-flags/known-flags.txt should contain
character -, this change check this to prevent adding useless flags
to known-flags.txt
 2017-05-22 10:51:04 +08:00
Vishnu kannan
1e77594958 Adding an installer script that installs Nvidia drivers in Container Optimized OS 
Packaged the script as a docker container stored in gcr.io/google-containers
A daemonset deployment is included to make it easy to consume the installer
A cluster e2e has been added to test the installation daemonset along with verifying installation
by using a sample CUDA application.
Node e2e for GPUs updated to avoid running on nodes without GPU devices.

Signed-off-by: Vishnu kannan <vishnuk@google.com>
 2017-05-20 21:17:19 -07:00
Kubernetes Submit Queue
a8bff0ed9a Merge pull request #45836 from mbohlool/openapi_pb 
Automatic merge from submit-queue

Add protobuf binary version of OpenAPI spec

Fixes #45833
Partially fixes #42841

```release-note
OpenAPI spec is now available in protobuf binary and gzip format (with ETag support)
```
 2017-05-20 11:01:04 -07:00
Kubernetes Submit Queue
8fe818b2a1 Merge pull request #45981 from fabianofranz/kubectl_plugins_v1_part1 
Automatic merge from submit-queue (batch tested with PRs 46033, 46122, 46053, 46018, 45981)

Command tree and exported env in kubectl plugins

This is part of `kubectl` plugins V1:
- Adds support to several env vars passing context information to the plugin. Plugins can make use of them to connect to the REST API, access global flags, get the path of the plugin caller (so that `kubectl` can be invoked) and so on. Exported env vars include
  - `KUBECTL_PLUGINS_DESCRIPTOR_*`: the plugin descriptor fields
  - `KUBECTL_PLUGINS_GLOBAL_FLAG_*`: one for each global flag, useful to access namespace, context, etc
  - ~`KUBECTL_PLUGINS_REST_CLIENT_CONFIG_*`: one for most fields in `rest.Config` so that a REST client can be built.~
  - `KUBECTL_PLUGINS_CALLER`: path to `kubectl`
  - `KUBECTL_PLUGINS_CURRENT_NAMESPACE`: namespace in use
- Adds support for plugins as child of other plugins so that a tree of commands can be built (e.g. `kubectl myplugin list`, `kubectl myplugin add`, etc)

**Release note**:

```release-note
Added support to a hierarchy of kubectl plugins (a tree of plugins as children of other plugins).

Added exported env vars to kubectl plugins so that plugin developers have access to global flags, namespace, the plugin descriptor and the full path to the caller binary.
```
@kubernetes/sig-cli-pr-reviews
 2017-05-19 23:29:32 -07:00
Kubernetes Submit Queue
83a1a863ad Merge pull request #45564 from whitlockjc/admission-api-group 
Automatic merge from submit-queue (batch tested with PRs 45996, 46121, 45707, 46011, 45564)

add "admission" API group

This commit is an initial pass at providing an admission API group.
The API group is required by the webhook admission controller being
developed as part of https://github.com/kubernetes/community/pull/132
and could be used more as that proposal comes to fruition.

**Note:** This PR was created by following the [Adding an API Group](https://github.com/kubernetes/community/blob/master/contributors/devel/adding-an-APIGroup.md) documentation.

cc @smarterclayton
 2017-05-19 18:57:38 -07:00
Kubernetes Submit Queue
e2a9327999 Merge pull request #45707 from Crazykev/cri-experimental 
Automatic merge from submit-queue (batch tested with PRs 45996, 46121, 45707, 46011, 45564)

Remove flag `experimental-cri` in e2e-node test

Signed-off-by: Crazykev <crazykev@zju.edu.cn>



**What this PR does / why we need it**: 
This patch remove deprecated flag in node e2e test script, cause kubelet already remove this. Leave this will make kubelet start failed.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**: /cc @feiskyer 

**Release note**:

```release-note
NONE
```
 2017-05-19 18:57:34 -07:00
Kubernetes Submit Queue
ee9bab1111 Merge pull request #45996 from cblecker/hack-owner 
Automatic merge from submit-queue

Add cblecker to hack/ reviewers

**What this PR does / why we need it**:
I've done a number of reviews in this part of the code base, and would like to continue helping out and formally be assigned PRs that change things in hack/

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-05-19 16:06:27 -07:00
mbohlool
601570a079 Fix hack/update-federation-openapi-spec.sh flakyness 2017-05-19 15:39:08 -07:00
Fabiano Franz
18cb56bf78 kubectl plugins have access config, global flags and environment 2017-05-19 19:17:43 -03:00
Fabiano Franz
da85262f70 Adds support to a tree hierarchy of kubectl plugins 2017-05-19 18:06:15 -03:00
Alexander Campbell
213f3c7e6e Merge branch 'master' into correct-deprecation-errors 2017-05-19 12:58:42 -07:00
Jeremy Whitlock
1b59dd887d add "admission" API group 
This commit is an initial pass at providing an admission API group.
The API group is required by the webhook admission controller being
developed as part of https://github.com/kubernetes/community/pull/132
and could be used more as that proposal comes to fruition.
 2017-05-19 10:17:37 -06:00
Kubernetes Submit Queue
9a5694b4c4 Merge pull request #45908 from ncdc/kube-proxy-write-config 
Automatic merge from submit-queue

kube-proxy: add --write-config-to flag

Add --write-config-to flag to kube-proxy to write the default configuration
values to the specified file location.

@deads2k suggested I create my own scheme for this, so I followed the example he shared with me. The only bit currently still referring to `api.Scheme` is where we create the event broadcaster recorder. In order to use the custom private scheme, I either have to pass it in to `NewProxyServer()`, or I have to make `NewProxyServer()` a member of the `Options` struct. If the former, then I probably need to export `Options.scheme`. Thoughts?

cc @mikedanese @sttts @liggitt @deads2k @smarterclayton @timothysc @kubernetes/sig-network-pr-reviews @kubernetes/sig-api-machinery-pr-reviews 

```release-note
Add --write-config-to flag to kube-proxy to allow users to write the default configuration settings to a file.
```
 2017-05-19 09:01:04 -07:00
Alexander Campbell
acfdafb1fb Merge branch 'master' into correct-deprecation-errors 2017-05-19 08:55:17 -07:00
Alexander Campbell
2acc5f18b5 test-cmd-util.sh: add test for deprecated commands 2017-05-19 08:55:12 -07:00
Jordan Liggitt
20ccdfbd3b
Fix unbound variable 2017-05-19 00:29:50 -04:00
Kubernetes Submit Queue
5290eece28 Merge pull request #45948 from CaoShuFeng/underscore 
Automatic merge from submit-queue (batch tested with PRs 41535, 45985, 45929, 45948, 46056)

remove useless flags from hack/verify-flags/known-flags.txt

Flags in known-flags.txt is used to check misspelling from "-" to "_" in
workspace, so a flag with out "-" should not show up in this file.

**Release note**:

```release-note
NONE
```
 2017-05-18 19:58:15 -07:00
Kubernetes Submit Queue
a9fbeef694 Merge pull request #45929 from liggitt/node-admission 
Automatic merge from submit-queue (batch tested with PRs 41535, 45985, 45929, 45948, 46056)

NodeRestriction admission plugin

Adds an optional `NodeRestriction` admission plugin that limits identifiable kubelets to mutating their own Node object, and Pod objects bound to their node.

This is the admission portion of https://github.com/kubernetes/community/blob/master/contributors/design-proposals/kubelet-authorizer.md and kubernetes/features#279

```release-note
The `NodeRestriction` admission plugin limits the `Node` and `Pod` objects a kubelet can modify. In order to be limited by this admission plugin, kubelets must use credentials in the `system:nodes` group, with a username in the form `system:node:<nodeName>`. Such kubelets will only be allowed to modify their own `Node` API object, and only modify `Pod` API objects that are bound to their node.
```
 2017-05-18 19:58:13 -07:00
Kubernetes Submit Queue
8214f7bb29 Merge pull request #45839 from caesarxuchao/client-gen-vendor 
Automatic merge from submit-queue

let client-gen understand vendor

This is extracted from #44784, where we move external api types to k8s.io/api. After the move, the types will locate at vendor/k8s.io/api/xxx. However, gengo index the parsed package using the import path, which is stripped of  the vendor/ prefix, so we'll need to strip the vendor/ prefix as necessary in client-gen.

This PR doesn't produce any change to the generated clientset yet since all types are still in the kubernetes repo.
 2017-05-18 17:45:35 -07:00
Jordan Liggitt
6fd36792f1
Add NodeRestriction admission plugin 2017-05-18 16:43:42 -04:00
Jordan Liggitt
0c516c3ac2
Add NodeIdentifier interface and default implementation 2017-05-18 16:43:41 -04:00
Fabiano Franz
3bb04c67cc More cli sanity verifications 2017-05-18 15:44:49 -03:00
Tim St. Clair
6565f68cfa
Update generated files 2017-05-18 10:39:04 -07:00
Tim St. Clair
cdacc1f6df
Add internal audit API types 2017-05-18 10:30:21 -07:00
Kubernetes Submit Queue
d775ff4c3a Merge pull request #45982 from fabianofranz/more_sig_cli_owners 
Automatic merge from submit-queue

More owners from SIG-CLI

Adds SIG-CLI as reviewers and approvers of `cmd/clicheck/` and adds me + @pwittrock as approvers in `hack/` (mostly for `test-cmd` and some `hack/verify*.sh` and `hack/update*.sh` scripts).

**Release note**:

```release-note
NONE
```
 2017-05-18 10:17:22 -07:00
Kubernetes Submit Queue
a1c2db2fec Merge pull request #45950 from shyamjvs/revert-proxier 
Automatic merge from submit-queue

Make real proxier in hollow-proxy optional (default=true)

Ref https://github.com/kubernetes/kubernetes/pull/45622
This allows using real proxier for hollow proxy, but we use the fake one by default.

cc @kubernetes/sig-scalability-misc @wojtek-t @gmarek
 2017-05-18 07:55:09 -07:00
Andy Goldstein
032e2f6652 kube-proxy: add --write-config flag 
Add --write-config flag to kube-proxy to write the default configuration
values to the specified file location.
 2017-05-18 10:34:22 -04:00
Shyam Jeedigunta
804a4f558c Make usage of real proxier in hollow-proxy optional (default=true) 2017-05-18 14:30:12 +02:00
Janet Kuo
1ced5ae22c Add integration test for deployment 2017-05-17 14:41:59 -07:00
Christoph Blecker
78fe90edf6
Add cblecker to hack/ reviewers 2017-05-17 13:44:28 -07:00
Fabiano Franz
e4953081f7 More owners from SIG-CLI 2017-05-17 15:46:34 -03:00
Kubernetes Submit Queue
ac62748480 Merge pull request #44230 from mtaufen/remove-babysit-daemons 
Automatic merge from submit-queue

Remove the deprecated --babysit-daemons kubelet flag

```release-note
Removes the deprecated kubelet flag --babysit-daemons
```

This flag has been deprecated for over a year (git blame says marked deprecated on March 1, 2016).
Relatively easy removal - nothing in the Kubelet relies on it anymore.

There was still some stuff in the provisioning scripts. It was easy to rip out, but in general we probably need to be more disciplined about updating the provisioning scripts at the same time that we initially mark things deprecated.
 2017-05-17 11:23:17 -07:00
Kubernetes Submit Queue
4a9a702ee1 Merge pull request #45926 from MrHohn/api-annotations-move 
Automatic merge from submit-queue

Move all API related annotations into annotation_key_constants.go

Separate from #45869. See https://github.com/kubernetes/kubernetes/pull/45869#discussion_r116839411 for details.

This PR does nothing but move constants around :)

/assign @caesarxuchao 

**Release note**:

```release-note
NONE
```
 2017-05-17 10:34:53 -07:00
Kubernetes Submit Queue
2cf0169092 Merge pull request #45895 from humblec/glusterfs-defacto 
Automatic merge from submit-queue

Make interface references consistent across the gluster plugin code.
 2017-05-17 09:42:40 -07:00
Michael Taufen
2ee2ec5e21 Remove the deprecated --babysit-daemons kubelet flag 2017-05-17 09:08:57 -07:00
Kubernetes Submit Queue
c26f5123dc Merge pull request #45936 from shashidharatd/kubectl-tests 
Automatic merge from submit-queue

Disabling service-dns controller for federation kubectl tests

**What this PR does / why we need it**:

DNS was unnecessary to do kubectl tests against federation, but it was required earlier as service-controller would not start without initializing dns-provider. Now since we have the capability to disable service-dns controller, we no longer need to initialize federation-controller-manger with DNS specific stuff. So removing it.

Ref: https://github.com/kubernetes/kubernetes/pull/43136#issuecomment-287242198

**Release note**:
```
NONE
```
/cc @nikhiljindal @marun 
@kubernetes/sig-federation-pr-reviews
 2017-05-17 05:57:43 -07:00
Cao Shufeng
dd93784b20 remove useless flags from hack/verify-flags/known-flags.txt 
Flags in known-flags.txt is used to check misspelling from "-" to "_" in
workspace, so a flag with out "-" should not show up in this file.
 2017-05-17 17:54:24 +08:00
Kubernetes Submit Queue
6047143f3e Merge pull request #41939 from smarterclayton/encrypt_transformer 
Automatic merge from submit-queue (batch tested with PRs 45709, 41939)

Add an AEAD encrypting transformer for storing secrets encrypted at rest

Tweak the ValueTransformer interface slightly to support additional
context information (to allow authenticated data to be generated by the
store and passed to the transformer). Add a prefix transformer that
looks for known matching prefixes and uses them. Add an AES GCM
transformer that performs AEAD on the values coming in and out of the
store.

Implementation of https://docs.google.com/document/d/1lFhPLlvkCo3XFC2xFDPSn0jAGpqKcCCZaNsBAv8zFdE/edit# and https://github.com/kubernetes/kubernetes/issues/12742
 2017-05-16 23:11:51 -07:00
Kubernetes Submit Queue
b059116a69 Merge pull request #45879 from wojtek-t/workaround_go_performance_regression 
Automatic merge from submit-queue (batch tested with PRs 45884, 45879, 45912, 45444, 45874)

Use patched version of Go 1.8.1 to eliminate performance regression

Ref https://github.com/kubernetes/kubernetes/issues/45216

Until this is solved in Go (it's still unclear whether there will be patch release with the fix or not), this is solving the problem on our side.
 2017-05-16 22:18:52 -07:00
Humble Chirammal
ae0fae7c7c Add glusterfs to linted_packages. 
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
 2017-05-17 10:27:34 +05:30
Zihong Zheng
5992425588 Autogenerated files 2017-05-16 21:55:51 -07:00
shashidharatd
47ab49eb4f Disabling service-dns controller for federation kubectl tests 2017-05-17 10:22:47 +05:30
Chao Xu
bd6a9604dc generated 2017-05-16 20:40:04 -07:00
Clayton Coleman
7827899b1d
generated: bazel 2017-05-16 22:37:00 -04:00
Kubernetes Submit Queue
3f0ebbe884 Merge pull request #45247 from mbohlool/c3 
Automatic merge from submit-queue (batch tested with PRs 45247, 45810, 45034, 45898, 45899)

Apiregistration v1alpha1→v1beta1

Promoting apiregistration api from v1alpha1 to v1beta1.

API Registration is responsible for registering an API `Group`/`Version` with
another kubernetes like API server. The `APIService` holds information
about the other API server in `APIServiceSpec` type as well as general
`TypeMeta` and `ObjectMeta`. The `APIServiceSpec` type have the main
configuration needed to do the aggregation. Any request coming for
specified `Group`/`Version` will be directed to the service defined by
`ServiceReference` (on port 443) after validating the target using provided
`CABundle` or skipping validation if development flag `InsecureSkipTLSVerify`
is set. `Priority` is controlling the order of this API group in the overall
discovery document.
The return status is a set of conditions for this aggregation. Currently
there is only one condition named "Available", if true, it means the
api/server requests will be redirected to specified API server.

```release-note
API Registration is now in beta.
```
 2017-05-16 19:01:55 -07:00
Kubernetes Submit Queue
7f92d35f1c Merge pull request #45739 from timothysc/cm_lock 
Automatic merge from submit-queue (batch tested with PRs 45374, 44537, 45739, 44474, 45888)

Allow kcm and scheduler to lock on ConfigMaps.

**What this PR does / why we need it**:
Plumbs through the ability to lock on ConfigMaps through the kcm and scheduler.  

**Which issue this PR fixes** 
Fixes: #44857
Addresses issues with: #45415

**Special notes for your reviewer**:

**Release note**:

```
Add leader-election-resource-lock support to kcm and scheduler to allow for locking on ConfigMaps as well as Endpoints(default) 
```
/cc @kubernetes/sig-cluster-lifecycle-pr-reviews @jamiehannaford @bsalamat @mikedanese
 2017-05-16 18:10:57 -07:00
Kubernetes Submit Queue
31cb269d4c Merge pull request #44525 from irfanurrehman/fed-common-preferences 
Automatic merge from submit-queue (batch tested with PRs 45860, 45119, 44525, 45625, 44403)

[Federation] Move annotations and related parsing code as common code

This PR moves some code, which was duplicate, around as common code.
Changes the names of structures used for annotations to common names.
s/FederatedReplicaSetPreferences/ReplicaAllocationPreferences/
s/ClusterReplicaSetPreferences/PerClusterPreferences/
This can be reused in job controller and hpa controller code.

**Special notes for your reviewer**:
@kubernetes/sig-federation-misc 

**Release note**:

```NONE
```
 2017-05-16 16:14:54 -07:00
Kubernetes Submit Queue
ec415a12d2 Merge pull request #45119 from dims/set-default-host-path-as-provisioner 
Automatic merge from submit-queue (batch tested with PRs 45860, 45119, 44525, 45625, 44403)

Support running StatefulSetBasic e2e tests with local-up-cluster

**What this PR does / why we need it**:

Currently StatefulSet(s) fail when you use local-up-cluster without
setting a cloud provider. In this PR, we use set the
kubernetes.io/host-path provisioner as the default provisioner when
there CLOUD_PROVIDER is not specified. This enables e2e test(s)
(specifically StatefulSetBasic) to work.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
```
 2017-05-16 16:14:51 -07:00
Wojciech Tyczynski
3a1bb09ea9 Patch golang 2017-05-16 21:29:22 +02:00
Cosmin Cojocar
682d5ec01f Add client auth plugin for Azure Active Directory 
This plugin acquires a fresh access token for apiserver from Azure Active
Directory using the device code flow. The access token is saved in the
configuration in order to be reused for upcomming accesses to appiserver.
In additon the access token is automatically refreshed when expired.
 2017-05-16 16:42:30 +02:00
Kubernetes Submit Queue
294c6362bd Merge pull request #43696 from CaoShuFeng/asgroups 
Automatic merge from submit-queue

add --as-group option to cli

The usecase of this change:
When a super user grant some RBAC permissions to a group, he can use
--as--group to test whether the group get the permissions.
Note that now we support as-groups, as-user-extra in kubeconfig file after this change.

**Release note**:

```NONE
```
@liggitt
 2017-05-16 06:47:10 -07:00
Kubernetes Submit Queue
a4c4cfe9de Merge pull request #45862 from timstclair/audit-api-internal 
Automatic merge from submit-queue

Internal audit API

Forked from https://github.com/kubernetes/kubernetes/pull/45315

I pulled out only the internal audit API types and would like to merge this to unblock the audit implementation work while we figure out the versioned types and code generation.

I will continue to iterate on https://github.com/kubernetes/kubernetes/pull/45315, but lets get this internal type submitted.

/cc @ericchiang @ihmccreery
 2017-05-16 00:59:39 -07:00
Chao Xu
2a9745e96d remove excpetion in verify-no-vendor-cycles.sh 2017-05-15 20:17:38 -07:00
Tim St. Clair
e30139b0d7
update linted_packages 2017-05-15 18:42:55 -07:00
nikhiljindal
8844a279a8 Add update-federation-* scripts to update-all.sh 2017-05-15 16:51:09 -07:00
mbohlool
e2f20a3539 Promote apiregistration from v1alpha1 to v1beta1 2017-05-15 15:34:33 -07:00
Kubernetes Submit Queue
cb26eb6049 Merge pull request #45176 from lavalamp/no-cycles 
Automatic merge from submit-queue (batch tested with PRs 41331, 45591, 45600, 45176, 45658)

Detect and prevent new vendor cycles

I see that we have added a dependency with a cyclic reference to
kubernetes. This makes life much harder, we should not do it. This
script should prevent any more offenders while we fix the existing one.
 2017-05-15 13:25:50 -07:00
Kubernetes Submit Queue
f6bcd28cd7 Merge pull request #41331 from dshulyak/import_remotecommand 
Automatic merge from submit-queue (batch tested with PRs 41331, 45591, 45600, 45176, 45658)

Move client/unversioned/remotecommand to client-go

Module remotecommand originally part of kubernetes/pkg/client/unversioned was moved
to client-go/tools, and will be used as authoritative in kubectl, e2e and other places.

Module remotecommand relies on util/exec module which was copied to client-go/pkg/util
 2017-05-15 13:25:42 -07:00
Timothy St. Clair
2033ea6c2c Update generated 2017-05-15 10:01:57 -05:00
Timothy St. Clair
1173c84ad9 Update to plumb through configurable locking on different resource types. 2017-05-15 10:01:46 -05:00
Dmitry Shulyak
c0a3e9ad13 Fix golint and godeps verification 2017-05-15 16:28:56 +03:00
Dmitry Shulyak
2612e0c78a Move client/unversioned/remotecommand to client-go 
Module remotecommand originally part of kubernetes/pkg/client/unversioned was moved
to client-go/tools, and will be used as authoritative in kubectl, e2e and other places.

Module remotecommand relies on util/exec module which will be copied to client-go/pkg/util
 2017-05-15 16:28:56 +03:00
Cao Shufeng
726d720c78 Fix invalid bash script in unit test. 
This change fix such error when we run "make test":
    "find: invalid expression; you have used a binary operator '-o' with
     nothing before it."
 2017-05-15 15:36:27 +08:00
nikhiljindal
b3d2e244ea Adding verify-federation-api-reference-docs.sh 2017-05-14 17:20:24 -07:00
nikhiljindal
174e92b24f Adding verify-federation-generated-swagger-docs.sh 2017-05-14 17:20:24 -07:00
nikhiljindal
2e194763ac Adding verify-federation-swagger-spec.sh 2017-05-14 17:15:41 -07:00
Cao Shufeng
e541defd49 add --as-group option to cli 
The usecase of this change:
When a super user grant some RBAC permissions to a group, he can use
--as-group to test whether the group get the permissions.
Note that now we support as-groups, as-user-extra in kubeconfig file
after this change.
 2017-05-14 16:21:05 +08:00
Vishnu kannan
d1b4dba440 adding support for gpus in node e2e 
Signed-off-by: Vishnu kannan <vishnuk@google.com>
 2017-05-13 16:35:54 -07:00
Daniel Smith
4bda915c68 Detect and prevent new vendor cycles 
I see that we have added a dependency with a cyclic reference to
kubernetes. This makes life much harder, we should not do it. This
script should prevent any more offenders while we fix the existing one.

Change-Id: Iabc22ee7a2c7c54697991d2f8c24e80acb0281e4
 2017-05-12 16:56:08 -07:00
Michael Taufen
cbad320205 Reorganize kubelet tree so apis can be independently versioned 2017-05-12 10:02:33 -07:00
Irfan Ur Rehman
de2544d5c3 [Federation] Move annotations and related parsing code as common code 2017-05-12 18:22:37 +05:30
Kubernetes Submit Queue
e85a980e0a Merge pull request #45691 from rmmh/owners-prefixes 
Automatic merge from submit-queue (batch tested with PRs 45691, 45667, 45698, 45715)

Make update_owners.py also emit a JSON sig-owners list.

This should experience less churn in general!

I'm going to make the triage page use this list to let sigs have individualized dashboards.

**Release note**:
```release-note
NONE
```
 2017-05-12 04:09:39 -07:00
Crazykev
f2737c451e remove experimental-cri in e2e-node test 
Signed-off-by: Crazykev <crazykev@zju.edu.cn>
 2017-05-12 15:20:47 +08:00
Hemant Kumar
9a1a9cbe08 detach the volume when pod is terminated 
Make sure volume is detached when pod is terminated because
of any reason and not deleted from api server.
 2017-05-11 22:18:22 -04:00
Ryan Hitchman
667c1592b5 Make update_owners.py also emit a JSON sig-owners list. 
This should experience less churn in general!
 2017-05-11 17:01:29 -07:00
Kubernetes Submit Queue
1f3b158a10 Merge pull request #45194 from yujuhong/rm-cri-flag 
Automatic merge from submit-queue

Remove the deprecated `--enable-cri` flag

Except for rkt, CRI is the default and only integration point for
container runtimes.

```release-note
Remove the deprecated `--enable-cri` flag. CRI is now the default, 
and the only way to integrate with kubelet for the container runtimes.
```
 2017-05-10 20:46:24 -07:00
Kubernetes Submit Queue
a48cfe9fe5 Merge pull request #45384 from caesarxuchao/copy-metrics-interanl 
Automatic merge from submit-queue (batch tested with PRs 45382, 45384, 44781, 45333, 45543)

Copy internal types to metrics

Supersedes #45306. 

#45306 removed the internal types and suggested whoever needs the internal types should define their own copy, and use the code-gen tools to generated the conversion functions. Per offline discussion with @DirectXMan12, we wanted to go that direction but it's not clear where to put the internal types yet. Hence, as a temporary solution, we decided copy the referred client-go/pkg/api types into metrics api to avoid the dependency.

The commit "remove need of registry from custom_metrics/client.go" is similar to what I did to the fake client in an earlier PR. Let me know if you want to put the commit in another PR.
 2017-05-10 17:47:41 -07:00
Yu-Ju Hong
daa329c9ae Remove the deprecated --enable-cri flag 
Except for rkt, CRI is the default and only integration point for
container runtimes.
 2017-05-10 13:03:41 -07:00
Kubernetes Submit Queue
77b2e6302c Merge pull request #45236 from verb/sharedpid-2-default 
Automatic merge from submit-queue

Enable shared PID namespace by default for docker pods

**What this PR does / why we need it**: This PR enables PID namespace sharing for docker pods by default, bringing the behavior of docker in line with the other CRI runtimes when used with docker >= 1.13.1.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: ref #1615

**Special notes for your reviewer**: cc @dchen1107 @yujuhong 

**Release note**:

```release-note
Kubernetes now shares a single PID namespace among all containers in a pod when running with docker >= 1.13.1. This means processes can now signal processes in other containers in a pod, but it also means that the `kubectl exec {pod} kill 1` pattern will cause the pod to be restarted rather than a single container.
```
 2017-05-10 12:06:01 -07:00
Solly Ross
0b43fffa48 Enable client-gen for k8s.io/metrics 
This commit turns on client-gen for k8s.io/metrics.  Clients are
generated for `k8s.io/metrics/pkg/apis/metrics` (both internal and
v1alpha1).  `k8s.io/metrics/pkg/apis/custom_metrics` uses a bespoke
client due to the unique nature of its paths.
 2017-05-10 13:33:18 -04:00
Chao Xu
2f41a515e9 let hack/update-codecgen.sh include k8s.io/metrics 2017-05-09 18:05:23 -07:00
Kubernetes Submit Queue
110f410e55 Merge pull request #45463 from nilebox/nilebox-tpr-watcher-example 
Automatic merge from submit-queue (batch tested with PRs 45481, 45463)

ThirdPartyResource example: added watcher example, code cleanup

**NOTE**: This is a cleaned and updated version of PR https://github.com/kubernetes/kubernetes/pull/43027

**What this PR does / why we need it**:
An example of using go-client for watching on ThirdPartyResource events (create/update/delete).
 2017-05-09 06:52:34 -07:00
Nail Islamov
a6c97715ed ThirdPartyResource client-go example: added TPR controller example, code cleanup and integration test 2017-05-09 21:31:39 +10:00
Kubernetes Submit Queue
a9ec6cbcb8 Merge pull request #45441 from cjwagner/test-owners-no-default 
Automatic merge from submit-queue (batch tested with PRs 45508, 44258, 44126, 45441, 45320)

Removed 'default' row from test_owners.csv and Updated update_owners.py

**What this PR does / why we need it**:
Removes the 'default' row from test_owners.csv and the validation/update logic associated with it in update_owners.py.  
The 'default' row is being removed because it results in too many issues being assigned to the default test owners when issues are automatically generated.

**Release note**:

```release-note
NONE
```
/assign
 2017-05-08 16:34:46 -07:00
Kubernetes Submit Queue
a062782524 Merge pull request #44258 from wlan0/master 
Automatic merge from submit-queue (batch tested with PRs 45508, 44258, 44126, 45441, 45320)

cloud initialize node in external cloud controller

@thockin This PR adds support in the `cloud-controller-manager` to initialize nodes (instead of kubelet, which did it previously)

This also adds support in the kubelet to skip node cloud initialization when `--cloud-provider=external`

Specifically,

Kubelet

1. The kubelet has a new flag called `--provider-id` which uniquely identifies a node in an external DB
2. The kubelet sets a node taint - called "ExternalCloudProvider=true:NoSchedule" if cloudprovider == "external"

Cloud-Controller-Manager

1. The cloud-controller-manager listens on "AddNode" events, and then processes nodes that starts with that above taint. It performs the cloud node initialization steps that were previously being done by the kubelet.
2. On addition of node, it figures out the zone, region, instance-type, removes the above taint and updates the node.
3. Then periodically queries the cloudprovider for node addresses (which was previously done by the kubelet) and updates the node if there are new addresses

```release-note
NONE  
```
 2017-05-08 16:34:43 -07:00
Kubernetes Submit Queue
332b095ca9 Merge pull request #44968 from MrHohn/kube-proxy-healthcheck 
Automatic merge from submit-queue (batch tested with PRs 44727, 45409, 44968, 45122, 45493)

Separate healthz server from metrics server in kube-proxy

From #14661, proposal is on kubernetes/community#552.

Couple bullet points as in commit:
- /healthz will be served on 0.0.0.0:10256 by default.
- /metrics and /proxyMode will be served on port 10249 as before.
- Healthz handler will verify timestamp in iptables mode.

/assign @nicksardo @bowei @thockin 

**Release note**:

```release-note
NONE
```
 2017-05-08 14:54:38 -07:00
Kubernetes Submit Queue
15f0468986 Merge pull request #44895 from dcbw/iptables-restore-manual-locking 
Automatic merge from submit-queue

util/iptables: grab iptables locks if iptables-restore doesn't support --wait

When iptables-restore doesn't support --wait (which < 1.6.2 don't), it may
conflict with other iptables users on the system, like docker, because it
doesn't acquire the iptables lock before changing iptables rules. This causes
sporadic docker failures when starting containers.

To ensure those don't happen, essentially duplicate the iptables locking
logic inside util/iptables when we know iptables-restore doesn't support
the --wait option.

Unfortunately iptables uses two different locking mechanisms, one until
1.4.x (abstract socket based) and another from 1.6.x (/run/xtables.lock
flock() based).  We have to grab both locks, because we don't know what
version of iptables-restore exists since iptables-restore doesn't have
a --version option before 1.6.2.  Plus, distros (like RHEL) backport the
/run/xtables.lock patch to 1.4.x versions.

Related: https://github.com/kubernetes/kubernetes/pull/43575
See also: https://github.com/openshift/origin/pull/13845
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1417234

@kubernetes/rh-networking @kubernetes/sig-network-misc @eparis @knobunc @danwinship @thockin @freehan
 2017-05-06 15:17:21 -07:00
Dan Williams
8f967c929f hack/cluster: map /run/xtables.lock into containerized kubelet filesystem 2017-05-05 23:34:06 -05:00
Kubernetes Submit Queue
a481a5bca9 Merge pull request #45429 from pmichali/issue45425 
Automatic merge from submit-queue (batch tested with PRs 45182, 45429)

Coverage: shasum command not supported on CentOS

Centos has sha1sum, instead of "shasum -a1". Modified script to
check for existence fo shasum, and if not present, use sha1sum
for coverage test processing.



**What this PR does / why we need it**: Allows coverage test to run under CentOS. Needed for development using that OS.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #45425 

**Special notes for your reviewer**:

**Release note**:

```NONE
```
 2017-05-05 17:32:35 -07:00
Kubernetes Submit Queue
6c4663635c Merge pull request #45182 from deads2k/tpr-08-simple-serving 
Automatic merge from submit-queue (batch tested with PRs 45182, 45429)

CustomResources in separate API server

Builds on https://github.com/kubernetes/kubernetes/pull/45115.

This adds a basic handler for custom resources.  No status handling, no finalizers, no controllers, but basic CRUD runs to allow @enisoc and others to start considering migration.

@kubernetes/sig-api-machinery-misc
 2017-05-05 17:32:33 -07:00
wlan0
45d2bc06b7 cloud initialize node in external cloud controller 2017-05-05 16:51:45 -07:00
Zihong Zheng
e5db5dc3a1 Autogenerated files 2017-05-05 14:44:38 -07:00
Cole Wagner
e9eca4b5ba Removed 'default' row from test_owners.csv. Also updated update_owners.py to no longer handle the 'default' row. 2017-05-05 14:21:23 -07:00
Paul Michali
5bcd21c9f1 Coverage: shasum command not supported on CentOS 
Centos has sha1sum, instead of "shasum -a1". Modified script to
check for existence fo shasum, and if not present, use sha1sum
for coverage test processing. If neither are available, an error
will be reported and processing stopped.
 2017-05-05 18:36:02 +00:00
deads2k
bb143d3e33 add integration tests 2017-05-05 10:50:03 -04:00
Kubernetes Submit Queue
4e74c43e9a Merge pull request #43436 from xilabao/add-set-rolebinding-command 
Automatic merge from submit-queue

add set rolebinding/clusterrolebinding command

add command to set user/group/serviceaccount in rolebinding/clusterrolebinding /cc @liggitt @deads2k
 2017-05-05 07:21:58 -07:00
xilabao
20876757c2 add set rolebinding/clusterrolebinding command 2017-05-05 09:55:35 +08:00
shashidharatd
f08533965c Fix federated service deletion tests 2017-05-04 22:27:54 +05:30
deads2k
c837c7fb1a use our own serve mux that directs how we want 2017-05-03 16:21:45 -04:00
Lee Verberne
b668371a63 Enable shared PID namespace by default for docker 2017-05-03 17:12:08 +00:00
Kubernetes Submit Queue
df8551acd2 Merge pull request #45115 from deads2k/tpr-07-types 
Automatic merge from submit-queue (batch tested with PRs 45272, 45115)

initial types for TPRs

This pull starts creating the types described by https://github.com/kubernetes/community/blob/master/contributors/design-proposals/thirdpartyresources.md .  In the initial pull different names were suggested.  I've started this pull with `CustomResource.apiextensions.k8s.io`.

The structure begins as a separate API server to facilitate rapid prototyping and experimentation, but the end result will be added to the end of the `kube-apiserver` chain as described in https://github.com/kubernetes/community/blob/master/sig-api-machinery/api-extensions-position-statement.md .

Because it is separate to start (not included in any default server), I don't think we need a perfect name, but I'd like to be close.

@kubernetes/sig-api-machinery-misc @enisoc @smarterclayton @erictune
 2017-05-03 05:36:59 -07:00
nikhiljindal
a88f28772a Add wait for federated service deletion 2017-05-02 22:12:03 -07:00
Kubernetes Submit Queue
0b469f4cb5 Merge pull request #45230 from dims/single-ca-cert 
Automatic merge from submit-queue (batch tested with PRs 45239, 45230)

Create a single CA for both client and server certs

**What this PR does / why we need it**:
The following test:
"Certificates API [It] should support building a client with a CSR"

fails with local-up-cluster, but works in the existing CI jobs. This
is because the other CI jobs use a single CA cert while local-up-cluster
can use 2 different sets of CA(s). We need a way to mimic the other
CI jobs (or alternatively change everything to have separate CA's). Just
updating local-up-cluster with a flag seems to be the easy route.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-05-02 14:11:53 -07:00
Davanum Srinivas
0d95f74ef5 Create a single CA for both client and server certs 
The following test:
"Certificates API [It] should support building a client with a CSR"

fails with local-up-cluster, but works in the existing CI jobs. This
is because the other CI jobs use a single CA cert while local-up-cluster
can use 2 different sets of CA(s). We need a way to mimic the other
CI jobs (or alternatively change everything to have separate CA's). Just
updating local-up-cluster with a flag seems to be the easy route.
 2017-05-02 13:43:46 -04:00
Kubernetes Submit Queue
02a26f43a8 Merge pull request #44796 from CaoShuFeng/canisubresource 
Automatic merge from submit-queue (batch tested with PRs 45100, 45152, 42513, 44796, 45222)

add subresource support to kube auth can-i

Eg:
    kubectl auth can-i get pods --sub-resource=log

**Release note**:

```release-note
```
 2017-05-02 10:35:12 -07:00
deads2k
72eef13e3e generated 2017-05-02 08:49:20 -04:00
deads2k
ed27887ad2 wire new staging repo 2017-05-02 08:43:31 -04:00
Cao Shufeng
de3db1eec3 add subresource support to kube auth can-i 
Eg:
    kubectl auth can-i get pods --subresource=log
 2017-05-02 12:08:20 +08:00
Kubernetes Submit Queue
3791abd628 Merge pull request #44981 from ixdy/version-docker-tag 
Automatic merge from submit-queue

Use munged semantic version for side-loaded docker tag

**What this PR does / why we need it**: rather than using the md5sum of the dockerized binary for each side-loaded docker image, use the semantic version (with `+`s replaced with `_`s) for the side-loaded docker images.

The use of the md5sum for the docker tag dates to #6326 2 years ago. I'm not sure why that was chosen, short of it being fairly unique.

My main motivation for changing this is that it makes building the docker images using Bazel's docker rules easier, since the semantic version doesn't depend on the build output.

An added benefit is that the list of images on a running kubernetes cluster is also more straightfoward; rather than a list of opaque, meaningless hexadecimal strings, you get something that indicates the provenance of the image. It'd also be clearer that all of the images came from the same build.

I was able to start a cluster with this change on GCE using both `make quick-release` and `make bazel-release`.

Note that this change has no effect on the tag that's pushed to gcr.io during releases; that's still controlled via `KUBE_IMAGE_DOCKER_TAG`, though we may want to merge this functionality at some point.

@kubernetes/sig-node-pr-reviews is there any reason to stick with using the md5sum strategy? @dchen1107 do you remember why we went with md5sums originally?
cc @spxtr @mikedanese 

**Release note**:

```release-note
```
 2017-05-01 19:48:18 -07:00
Kubernetes Submit Queue
29f37fde3e Merge pull request #45177 from dims/allow-cluster-signing-ca-crt-and-key 
Automatic merge from submit-queue (batch tested with PRs 45077, 45180, 34727, 45079, 45177)

Allow specifying cluster signing ca/key

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
```
 2017-05-01 18:55:16 -07:00
Kubernetes Submit Queue
5ffbd37661 Merge pull request #34727 from ncdc/kube-proxy-config 
Automatic merge from submit-queue (batch tested with PRs 45077, 45180, 34727, 45079, 45177)

Refactor kube-proxy configuration

This is a proof of concept refactoring of the configuration and startup of kube-proxy. Most flags have been removed and replaced by a single config file, specified by `--config`. This is in regards to the component configuration improvement suggestions listed in #32215.

Also during this effort, I discovered that Hyperkube is roughly reimplementing portions of cobra, and that the current cobra command definitions are solely used to generated docs and man pages. I would like to move the individual commands as well as Hyperkube to using cobra, but that is a separate issue and discussion.

cc @mikedanese @liggitt @deads2k @eparis @sttts @smarterclayton @dgoodwin @timothysc
 2017-05-01 18:55:13 -07:00
Kubernetes Submit Queue
cb27476153 Merge pull request #45180 from caesarxuchao/move-metrics-to-staging 
Automatic merge from submit-queue (batch tested with PRs 45077, 45180, 34727, 45079, 45177)

Move k8s.io/metrics to staging/

This is to break the cyclic dependency in our code base: kubernetes depends on k8s.io/metrics, which depends on kubernetes/staging/client-go.

@DirectXMan12 i actually moved it to staging because we will need the flexibility to update metrics code directly to do many planned refactors, so the copy of metrics in kubernetes has to be the source of truth.

client-gen is not enabled for the code yet, we can enable it after you port your changes to client-gen.

`make generated_files` is enabled for metrics.
 2017-05-01 18:55:11 -07:00
Chao Xu
3294200dc8 move metrics to staging 2017-05-01 16:43:50 -07:00
Davanum Srinivas
ec44cc2e7c Allow specifying cluster signing ca/key 
Makes it useful in testing some scenarios with automatically
signing certificates
 2017-05-01 19:25:56 -04:00
Andy Goldstein
43cb024402 Add kube-proxy config file support 
Add support for configuring kube-proxy via a config file instead of
command line flags.
 2017-05-01 18:02:47 -04:00
Mike Danese
ff4a814cce migrate set generation to go genrule 
and move ./types to staging
 2017-05-01 11:11:14 -07:00
Kubernetes Submit Queue
91475306dc Merge pull request #40774 from mikedanese/no-more-integration-tags 
Automatic merge from submit-queue

don't use build tags to mark integration tests

This is a bad pattern that leads to checked in code that isn't check for compilation. We should avoid this if it doesn't provide value, which it seems like it doesn't.
 2017-05-01 11:08:15 -07:00
Kubernetes Submit Queue
e2042bb81b Merge pull request #41583 from verb/sharedpid 
Automatic merge from submit-queue (batch tested with PRs 41583, 45117, 45123)

Implement shared PID namespace in the dockershim

**What this PR does / why we need it**: Defaults the Docker CRI to using a shared PID namespace for pods. Implements proposal in https://github.com/kubernetes/community/pull/207 tracked by #1615.

//cc @dchen1107 @vishh @timstclair 

**Special notes for your reviewer**: none

**Release note**:
```release-note
Some container runtimes share a process (PID) namespace for all containers in a pod. This will become the default for Docker in a future release of Kubernetes. You can preview this functionality if running with the CRI and Docker 1.13.1 by enabling the --experimental-docker-enable-shared-pid kubelet flag.
```
 2017-04-28 20:15:03 -07:00
Kubernetes Submit Queue
87792a0020 Merge pull request #45109 from rootfs/azure-e2e-pr 
Automatic merge from submit-queue (batch tested with PRs 44044, 44766, 44930, 45109, 43301)

e2e test: test azure disk volume

**What this PR does / why we need it**:
E2E test Azure disk volume
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:
@kubernetes/sig-testing-pr-reviews 

**Release note**:
```release-note
NONE
```
 2017-04-28 17:49:12 -07:00
Kubernetes Submit Queue
3a2a01bddc Merge pull request #44930 from fabianofranz/issue_44832 
Automatic merge from submit-queue (batch tested with PRs 44044, 44766, 44930, 45109, 43301)

Fixes get -oname for unstructured objects

Fixes https://github.com/kubernetes/kubernetes/issues/44832

Make sure we display kind in `kubectl get -o name` for unknown resource types.

**Release note**:

```release-note
NONE
```
 2017-04-28 17:49:10 -07:00
Mike Danese
3600d49504 delete benchmark integration tests that don't work at all 2017-04-28 14:28:04 -07:00
Mike Danese
21617a60ae don't use build tags to mark integration tests 2017-04-28 14:19:39 -07:00
Kubernetes Submit Queue
7a9808ae6f Merge pull request #45033 from timothysc/examples_1 
Automatic merge from submit-queue

Prune examples and e2es per discussion on sig-testing

**What this PR does / why we need it**:
Prune k8petstore from examples and e2es per discussion on sig-testing

**Special notes for your reviewer**:
This can live elsewhere outside the main repository.  

**Release note**:

```
NONE
```

/cc @jayunit100 @fejta @kubernetes/sig-testing-pr-reviews
 2017-04-28 13:15:05 -07:00
Davanum Srinivas
49faff32da Support running StatefulSetBasic e2e tests with local-up-cluster 
Currently StatefulSet(s) fail when you use local-up-cluster without
setting a cloud provider. In this PR, we use set the
kubernetes.io/host-path provisioner as the default provisioner when
there CLOUD_PROVIDER is not specified. This enables e2e test(s)
(specifically StatefulSetBasic) to work.
 2017-04-28 15:10:22 -04:00
Huamin Chen
165d46a0a8 e2e test: test azure disk volume 
Signed-off-by: Huamin Chen <hchen@redhat.com>
 2017-04-28 18:51:34 +00:00
Fabiano Franz
1aa84d101a Fixes get -oname for unstructured objects 2017-04-28 14:12:36 -03:00
Timothy St. Clair
01366851ea Prune k8petstore from examples and e2es per discussion on sig-testing 2017-04-28 11:49:23 -05:00
Fabiano Franz
2158473474 Plugins are loaded under the 'kubectl plugin' command 2017-04-28 01:34:07 -03:00
Fabiano Franz
2b178ad608 Basic support for kubectl plugins 2017-04-28 01:34:07 -03:00
Lee Verberne
d22dd0fa35 Implement shared PID namespace in the dockershim 2017-04-27 23:43:53 +00:00
Jeff Grafton
f73e3cbb30 Use munged semantic version for side-loaded docker tag 2017-04-27 15:05:40 -07:00
Jeff Grafton
ed7c75e324 Update gazel to v17 2017-04-27 15:01:34 -07:00
Kubernetes Submit Queue
98398d5d6e Merge pull request #41106 from spxtr/gen3 
Automatic merge from submit-queue

Don't check in zz_generated.openapi.go.

`zz_generated.openapi.go` is the file that causes the most merge conflicts of all. In #33440, @thockin updated the makefile to support generating these files on demand, but that didn't play well with bazel/gazel.

In this PR, I add a new build macro that will generate this file with a `go_genrule`. I added support for keeping the BUILD file up to date in mikedanese/gazel#34.

**Release note**:
```release-note
NONE
```
 2017-04-27 11:40:31 -07:00
Kubernetes Submit Queue
549bd4b7d5 Merge pull request #44591 from ixdy/bazel-push-build 
Automatic merge from submit-queue (batch tested with PRs 44591, 44549)

Update repo-infra bazel dependency and use new gcs_upload rule

This PR provides similar functionality to push-build.sh entirely within Bazel rules (though it relies on gsutil).

It's an alternative to #44306.

Depends on https://github.com/kubernetes/repo-infra/pull/13.

**Release note**:

```release-note
NONE
```
 2017-04-27 10:54:56 -07:00
Kubernetes Submit Queue
433aec11c8 Merge pull request #44531 from pwittrock/kubectl-openapi 
Automatic merge from submit-queue

OpenAPI support for kubectl

Support for openapi spec in kubectl.

Includes:
- downloading and caching openapi spec to a local file
- parsing openapi spec into binary serializable datastructures (10x faster load times 600ms -> 40ms)
- caching parsed openapi spec in memory for each command

```release-note
NONE
```
 2017-04-26 16:59:17 -07:00
Kubernetes Submit Queue
21f30db4c6 Merge pull request #44826 from dims/enable-default-signer-in-local-up-cluster 
Automatic merge from submit-queue (batch tested with PRs 41287, 41636, 44881, 44826)

Enable default signer implementation

**What this PR does / why we need it**:

The Kubernetes controller manager provides a default implementation
of a signer. We should enable it by passing the --cluster-signing-cert-file
and --cluster-signing-key-file parameters to the controller manager
with paths to your Certificate Authority’s keypair. Hoping this will
help pass the "Certificates API [It] should support building a client with a CSR"
e2e test when run against k8s started using local-up-cluster.sh

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-04-25 17:56:44 -07:00
Joe Finney
8e84a9aedc Add go_genrule for zz_generated.openapi.go. 
Clean zz_generated.openapi.go before running gazel.
 2017-04-25 17:51:36 -07:00
Lucas Käldström
6b5d5371d9
Bump to go1.8.1 and remove the edge GOROOT 2017-04-25 23:45:47 +03:00
Jeff Grafton
a9bfae8ec3 Update repo-infra bazel dependency and use new gcs_upload rule 2017-04-25 13:45:28 -07:00
Kubernetes Submit Queue
e1adcc2367 Merge pull request #44583 from mikedanese/go1.8 
Automatic merge from submit-queue

bump bazel build to go1.8.1 and remove invalid unit tests

part of https://github.com/kubernetes/kubernetes/issues/38228

I firmly believe that unit tests that check error strings are incorrect unit tests. If we care about what type of error is returned, we need to use public error types. Anywhere we are using generic errors, we don't care other then that we saw an error.
 2017-04-25 13:32:28 -07:00
Kubernetes Submit Queue
896d2afb42 Merge pull request #44588 from dmmcquay/kubeadm_skip_token_print 
Automatic merge from submit-queue (batch tested with PRs 44601, 44842, 44893, 44491, 44588)

kubeadm: add flag to skip token print out

**What this PR does / why we need it**: When kubeadm init is used in an automated context, it still prints the token to standard out. When standard output ends up in a log file, it can be considered that the token is leaked there and can be compromised. This PR adds a flag you can select to not have it print out and explicitly disable this behavior.

This is a continuation from https://github.com/kubernetes/kubernetes/pull/42823 since it had to be closed.

**Which issue this PR fixes** : fixes #https://github.com/kubernetes/kubeadm/issues/160

**Special notes for your reviewer**: /cc @luxas @errordeveloper 

**Release note**:
```release-note
NONE
```
 2017-04-25 12:51:41 -07:00
Mike Danese
59fc948a06 bump rules_go and go version for bazel builds 
and bump gazel to a version that supports 1.8
 2017-04-25 11:23:33 -07:00
Phillip Wittrock
6cbe37be2b kubectl OpenAPI whitelist pkg/kubectl/cmd/util/openapi for linting 2017-04-25 10:45:49 -07:00
Kubernetes Submit Queue
08deaf2b98 Merge pull request #44865 from wongma7/validate-etcd 
Automatic merge from submit-queue (batch tested with PRs 40060, 44860, 44865, 44825, 44162)

Validate etcd only when expecting to run etcd

If running kubelet only, there is no need to validate etcd as the script will not attempt to start etcd. In fact, validating etcd here may cause the script to fail when one wants to run "nokubelet" right before "kubeletonly" because etcd will definitely be running
```release-note
NONE
```
 2017-04-24 23:07:42 -07:00
Kubernetes Submit Queue
6c8cb33fb3 Merge pull request #42101 from Dmitry1987/feature/hpa-upscale-downscale-delay-configurable 
Automatic merge from submit-queue (batch tested with PRs 44862, 42241, 42101, 43181, 44147)

Feature/hpa upscale downscale delay configurable

**What this PR does / why we need it**:
Makes "upscale forbidden window" and "downscale forbidden window"  duration configurable in arguments of kube-controller-manager. Those are options of horizontal pod autoscaler.

**Special notes for your reviewer**:
Please have a look @DirectXMan12 , the PR as discussed in Slack.

**Release note**:
```
Make "upscale forbidden window" and "downscale forbidden window"  duration configurable in arguments of kube-controller-manager. Those are options of horizontal pod autoscaler. Right now are hardcoded 3 minutes for upscale, and 5 minutes to downscale.  But sometimes cluster administrator might want to change this for his own needs.
```
 2017-04-24 19:39:42 -07:00
Davanum Srinivas
eb9ee75c28 Enable default signer implementation 
The Kubernetes controller manager provides a default implementation
of a signer. We should enable it by passing the --cluster-signing-cert-file
and --cluster-signing-key-file parameters to the controller manager
with paths to your Certificate Authority’s keypair. Hoping this will
help pass the "Certificates API [It] should support building a client with a CSR"
e2e test when run against k8s started using local-up-cluster.sh
 2017-04-24 13:20:52 -04:00
Matthew Wong
0dc99ef80f Validate etcd only when expecting to run etcd 2017-04-24 12:28:19 -04:00
xilabao
19217bc4a2 support subresource when running kubectl create role 2017-04-24 10:05:47 +08:00
Kristian Klausen
eb882a3d1a Remove redis-proxy example 
The docker image is nowhere to be found, so lets remove it.
There have been a request for the Dockerfile here [1], but nobody
seems to care.

redis-proxy is replaced with redis-master in test-cmd-util.sh, to
ensure that the tests still works.
The redis-proxy pod in test/fixtures/doc-yaml/user-guide/multi-pod.yaml
is replaced with valid-pod from test/fixtures/doc-yaml/admin/limitrange/valid-pod.yaml,
so redis-proxy is removed every where.

[1] https://github.com/kubernetes/kubernetes/issues/4914#issuecomment-77209779
 2017-04-23 16:59:23 +02:00
derek mcquay
d047dfbc6f kubeadm: add flag to skip token print out 2017-04-20 13:12:37 -07:00
Kubernetes Submit Queue
fe44d1f5ce Merge pull request #44073 from marun/fed-e2e-config-from-secrets 
Automatic merge from submit-queue (batch tested with PRs 43500, 44073)

[Federation] Add option to retrieve e2e cluster config from secrets

Previously the federation e2e setup was reading member cluster configuration from the test run's kubeconfig. This change removes that dependency in favor of reading member cluster configuration from secrets in the hosting cluster, and caches the configuration to avoid having to read it separately for each test.

cc: @kubernetes/sig-federation-pr-reviews @perotinus
 2017-04-18 22:27:58 -07:00
Kubernetes Submit Queue
bdc2b20b74 Merge pull request #43500 from marun/fed-secret-upgrade-test 
Automatic merge from submit-queue

[Federation] Add simple upgrade test

This PR adds a simple upgrade test that targets all registered federated types.

cc: @kubernetes/sig-federation-pr-reviews @perotinus
 2017-04-18 22:20:26 -07:00
Kubernetes Submit Queue
a9be156eea Merge pull request #44292 from derekwaynecarr/local-up-deploy-dashboard 
Automatic merge from submit-queue (batch tested with PRs 44222, 44614, 44292, 44638)

Optionally deploy kubernetes dashboard in local-up cluster

**What this PR does / why we need it**:
Enable users of local up cluster to optionally deploy the kubernetes dashboard.

**Special notes for your reviewer**:
The dashboard is especially useful when working on k8s + service catalog at the same time.
 2017-04-18 17:42:06 -07:00
Maru Newby
9dc74d60f7 fed: Add simple upgrade test 2017-04-18 15:46:43 -07:00
Kubernetes Submit Queue
09e3fdbafe Merge pull request #44500 from Cynerva/gkk/cdk-1.6-support 
Automatic merge from submit-queue (batch tested with PRs 43000, 44500, 44457, 44553, 44267)

Add Kubernetes 1.6 support to Juju charms

**What this PR does / why we need it**:

This adds Kubernetes 1.6 support to Juju charms.

This includes some large architectural changes in order to support multiple versions of Kubernetes with a single release of the charms. There are a few bug fixes in here as well, for issues that we discovered during testing.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

Thanks to @marcoceppi, @ktsakalozos, @jacekn, @mbruzek, @tvansteenburgh for their work in this feature branch as well!

**Release note**:

```release-note
Add Kubernetes 1.6 support to Juju charms
Add metric collection to charms for autoscaling
Update kubernetes-e2e charm to fail when test suite fails
Update Juju charms to use snaps
Add registry action to the kubernetes-worker charm
Add support for kube-proxy cluster-cidr option to kubernetes-worker charm
Fix kubernetes-master charm starting services before TLS certs are saved
Fix kubernetes-worker charm failures in LXD
Fix stop hook failure on kubernetes-worker charm
Fix handling of juju kubernetes-worker.restart-needed state
Fix nagios checks in charms
```
 2017-04-18 13:19:06 -07:00
Maru Newby
9a9d897d94 fed: Add option to source e2e cluster config from host cluster 
Add the option to configure e2e access to member clusters from the
same secrets in the host cluster used by the federation control plane.
The default behavior will continue to be sourcing this configuration
from the e2e kubeconfig.  The optional behavior can be enabled by
passing --federation-config-from-cluster=true as an argument to
ginkgo.
 2017-04-17 23:38:03 -07:00
NickrenREN
5cafb9042b find and add active pods for dswp 
loops through the list of active pods and ensures that each one exists in the desired state of the world cache
 2017-04-18 11:21:37 +08:00
Chao Xu
4f9591b1de move pkg/api/v1/ref.go and pkg/api/v1/resource.go to subpackages. move some functions in resource.go to pkg/api/v1/node and pkg/api/v1/pod 2017-04-17 11:38:11 -07:00
Rye Terrell
33fee22032 add support for kube-proxy cluster-cidr option 2017-04-14 10:45:23 -05:00
Rye Terrell
ca4afd8773 Update CDK charms to use snaps 2017-04-14 10:43:00 -05:00
Andy Goldstein
e63fcf708d Make controller Run methods consistent 
- startup/shutdown logging
- wait for cache sync logging
- defer utilruntime.HandleCrash()
- wait for stop channel before exiting
 2017-04-14 07:27:45 -04:00
Kubernetes Submit Queue
5ad494077e Merge pull request #42914 from liggitt/fix-defaulting 
Automatic merge from submit-queue (batch tested with PRs 44424, 44026, 43939, 44386, 42914)

remove defaulting from conversion path

follow up for #42764

* remove call to defaulting from conversion path (defaulting is a separate step from conversion)
* remove non-top-level-object defaulting registration (unused after conversion call is removed)
* generate missing top-level defaults for some api groups:
  * autoscaling/v2alpha1
  * policy/v1alpha1
  * policy/v1beta1
* register top-level defaults for some api groups that were missing them:
  * autoscaling/v2alpha1
  * settings/v1alpha1
 2017-04-13 22:07:10 -07:00
Kubernetes Submit Queue
08bd9c773f Merge pull request #44071 from liggitt/service-account-lookup 
Automatic merge from submit-queue (batch tested with PRs 44406, 41543, 44071, 44374, 44299)

Enable service account token lookup by default

Fixes #24167

```release-note
kube-apiserver: --service-account-lookup now defaults to true, requiring the Secret API object containing the token to exist in order for a service account token to be valid. This enables service account tokens to be revoked by deleting the Secret object containing the token.
```
 2017-04-13 19:52:06 -07:00
Kubernetes Submit Queue
c814bab9e0 Merge pull request #44396 from wongma7/etcd-version 
Automatic merge from submit-queue

Do etcd semver validation using posix only

this is a follow-up to https://github.com/kubernetes/kubernetes/pull/44352, can't use sort -V because not everybody has that
```release-note
NONE
```
 2017-04-13 00:44:08 -07:00
Kubernetes Submit Queue
765755376e Merge pull request #43831 from jayunit100/local-up-conformance 
Automatic merge from submit-queue

local up dns defaults/Privileged defaults so that [Conformance] sets mostly pass on local clusters.

Fixes #43651 So that only 4 tests fail out of the box.
 2017-04-12 20:44:02 -07:00
Kubernetes Submit Queue
f1c0c0a73c Merge pull request #42395 from nicksardo/gce-src-ranges 
Automatic merge from submit-queue

Adding load balancer src cidrs to GCE cloudprovider

**What this PR does / why we need it**:
As of January 31st, 2018, GCP will be sending health checks and l7 traffic from two CIDRs and legacy health checks from three CIDS. This PR moves them into the cloudprovider package and provides a flag for override.

Another PR will need to be address firewall rule creation for external L4 network loadbalancing #40778

**Which issue this PR fixes**
Step one of #40778
Step one of https://github.com/kubernetes/ingress/issues/197

**Release note**:
```release-note
Add flags to GCE cloud provider to override known L4/L7 proxy & health check source cidrs
```
 2017-04-12 19:57:43 -07:00
Jordan Liggitt
ad116026d9
Remove vestiges of defaulting from conversion path, switch to top-level default registration only 2017-04-12 13:36:15 -04:00
Kubernetes Submit Queue
06cdb02fca Merge pull request #44359 from ncdc/var-lib-dockershim 
Automatic merge from submit-queue

Make the dockershim root directory configurable

Make the dockershim root directory configurable so things like
integration tests (e.g. in OpenShift) can run as non-root.

cc @sttts @derekwaynecarr @yujuhong @Random-Liu @kubernetes/sig-node-pr-reviews @kubernetes/rh-cluster-infra
 2017-04-12 09:58:18 -07:00
Matthew Wong
04241a673d Do etcd semver validation using posix only 2017-04-12 12:44:07 -04:00
Kubernetes Submit Queue
c9014b1029 Merge pull request #42849 from janetkuo/kubectl-describe-controllerRef 
Automatic merge from submit-queue

In 'kubectl describe', find controllers with ControllerRef, instead of showing the original creator

@enisoc @kargakis @kubernetes/sig-apps-pr-reviews @kubernetes/sig-cli-pr-reviews 

```release-note
In 'kubectl describe', find controllers with ControllerRef, instead of showing the original creator.
```
 2017-04-12 09:05:41 -07:00
Andy Goldstein
00e11566f2 Make the dockershim root directory configurable 
Make the dockershim root directory configurable so things like
integration tests (e.g. in OpenShift) can run as non-root.
 2017-04-12 09:06:21 -04:00
Kubernetes Submit Queue
9db7953c24 Merge pull request #44138 from sttts/sttts-cleanup-godeps-json-updater 
Automatic merge from submit-queue

Clean up staging/godeps-json-updater.go
 2017-04-12 03:02:42 -07:00
Kubernetes Submit Queue
d70b55ead5 Merge pull request #42466 from sttts/sttts-client-go-plugin-import-verify 
Automatic merge from submit-queue

hack/verify-staging-imports.sh: check that plugins are not imported b…
 2017-04-12 03:02:35 -07:00
Kubernetes Submit Queue
ceccd305ce Merge pull request #42147 from bowei/ip-alias-2 
Automatic merge from submit-queue

Add support for IP aliases for pod IPs (GCP alpha feature)

```release-note
Adds support for allocation of pod IPs via IP aliases.

# Adds KUBE_GCE_ENABLE_IP_ALIASES flag to the cluster up scripts (`kube-{up,down}.sh`).

KUBE_GCE_ENABLE_IP_ALIASES=true will enable allocation of PodCIDR ips
using the ip alias mechanism rather than using routes. This feature is currently
only available on GCE.

## Usage
$ CLUSTER_IP_RANGE=10.100.0.0/16 KUBE_GCE_ENABLE_IP_ALIASES=true bash -x cluster/kube-up.sh

# Adds CloudAllocator to the node CIDR allocator (kubernetes-controller manager).

If CIDRAllocatorType is set to `CloudCIDRAllocator`, then allocation
of CIDR allocation instead is done by the external cloud provider and
the node controller is only responsible for reflecting the allocation
into the node spec.

- Splits off the rangeAllocator from the cidr_allocator.go file.
- Adds cloudCIDRAllocator, which is used when the cloud provider allocates
  the CIDR ranges externally. (GCE support only)
- Updates RBAC permission for node controller to include PATCH
```
 2017-04-11 22:09:24 -07:00
Kubernetes Submit Queue
ebf1439d93 Merge pull request #43406 from janetkuo/ds-semantic-equal-update 
Automatic merge from submit-queue

Add tests for semantically equal DaemonSet updates

Tests for #43337, depends on #43337. The last commit is already reviewed in #43337. 

@liggitt @kargakis @lukaszo @kubernetes/sig-apps-pr-reviews
 2017-04-11 18:25:03 -07:00
Janet Kuo
b29135ea8f In 'kubectl describe', find controllers with ControllerRef, instead of showing the original creator 2017-04-11 15:41:57 -07:00
Bowei Du
091e46ef21 Update known-flags with cidr-allocator-type 
I also sorted the file, it was almost sorted with a few exceptions.
 2017-04-11 14:07:54 -07:00
Matthew Wong
36d244f084 Fix etcd semver validation by using 'sort -V' 2017-04-11 14:19:30 -04:00
Derek Carr
ab6812324d Optionally deploy kubernetes dashboard in local-up cluster 2017-04-11 10:54:33 -04:00
Kubernetes Submit Queue
39e2d8e58f Merge pull request #41914 from mikedanese/bzl-version 
Automatic merge from submit-queue (batch tested with PRs 43887, 41914, 44170)

bazel: implement git build stamping
 2017-04-10 19:46:14 -07:00
Kubernetes Submit Queue
b9a5a5c9b3 Merge pull request #42748 from dcbw/cfssl-localup 
Automatic merge from submit-queue (batch tested with PRs 43866, 42748)

hack/cluster: download cfssl if not present

hack/local-up-cluster.sh uses cfssl to generate certificates and
will exit it cfssl is not already installed.  But other cluster-up
mechanisms (GCE) that generate certs just download cfssl if not
present.  Make local-up-cluster.sh do that too so users don't have
to bother installing it from somewhere.
 2017-04-10 14:27:11 -07:00
Kubernetes Submit Queue
d2e4f54791 Merge pull request #30302 from aveshagarwal/master-project-node-selector-taints-tolerations 
Automatic merge from submit-queue (batch tested with PRs 43870, 30302, 42722, 43736)

Admission plugin to merge pod and namespace tolerations for restricting pod placement on nodes

```release-note
This admission plugin checks for tolerations on the pod being admitted and its namespace, and verifies if there is any conflict. If there is no conflict, then it merges the pod's namespace tolerations with the the pod's tolerations and it verifies them against its namespace' whitelist of tolerations and returns. If a namespace does not have its default or whitelist tolerations specified, then cluster level default and whitelist is used. An example of its versioned config:

apiVersion: apiserver.k8s.io/v1alpha1
kind: AdmissionConfiguration
plugins:
- name: "PodTolerationRestriction"
  configuration:
    apiVersion: podtolerationrestriction.admission.k8s.io/v1alpha1
    kind: Configuration
    default:
     - Key: key1
       Value: value1
     - Key: key2
       Value: value2
    whitelist:
    - Key: key1
      Value: value1
    - Key: key2
      Value: value2
```
 2017-04-10 13:33:13 -07:00
Kubernetes Submit Queue
2899f47bc8 Merge pull request #44137 from k82cn/k8s_44135 
Automatic merge from submit-queue (batch tested with PRs 41758, 44137)

Removed hostname/subdomain annotation.

fixes #44135

```release-note
Remove `pod.beta.kubernetes.io/hostname` and `pod.beta.kubernetes.io/subdomain` annotations. 
Users should use `pod.spec.hostname` and `pod.spec.subdomain` instead.
```
 2017-04-10 10:06:15 -07:00
Klaus Ma
c2b629ee2a Removed hostname/subdomain annotation. 2017-04-10 13:55:40 +08:00
Kubernetes Submit Queue
357af07718 Merge pull request #44197 from Random-Liu/dockershim-only-mode 
Automatic merge from submit-queue

Add dockershim only mode

This PR added a `experimental-dockershim` hidden flag in kubelet to run dockershim only.

We introduce this flag mainly for cri validation test. In the future we should compile dockershim into another binary.

@yujuhong @feiskyer @xlgao-zju 
/cc @kubernetes/sig-node-pr-reviews
 2017-04-09 19:27:51 -07:00
Kubernetes Submit Queue
eed7d11255 Merge pull request #43136 from shashidharatd/kubectl-tests 
Automatic merge from submit-queue

[Federation] Fix Running service controller in federation kubectl tests

Fixes:  #42607

cc @nikhiljindal @kubernetes/sig-federation-bugs
 2017-04-09 11:19:38 -07:00
Kubernetes Submit Queue
6e3bd081d5 Merge pull request #43892 from bsalamat/sched_conf1 
Automatic merge from submit-queue

Scheduler can recieve its policy configuration from a ConfigMap

**What this PR does / why we need it**: This PR adds the ability to scheduler to receive its policy configuration from a ConfigMap. Before this, scheduler could receive its policy config only from a file. The logic to watch the ConfigMap object will be added in a subsequent PR.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```Add the ability to the default scheduler to receive its policy configuration from a ConfigMap object.
```
 2017-04-08 23:19:43 -07:00
Kubernetes Submit Queue
c8f90171e4 Merge pull request #39678 from resouer/extract-resource 
Automatic merge from submit-queue (batch tested with PRs 41775, 39678, 42629, 42524, 43028)

Extract resources functions belongs to api/util

Address: extract kubelet resources functions belongs to `pkg/api/v1/resource_helpers.go`
 2017-04-07 17:44:14 -07:00
Bobby Salamat
f9d1333144 Addressed reviewers comments 2017-04-07 17:31:45 -07:00
Bobby Salamat
c55e5b6b8e Add flags to known-flags 2017-04-07 17:06:23 -07:00
Random-Liu
327fc270d7 Add dockershim only mode 2017-04-07 16:43:57 -07:00
Kubernetes Submit Queue
596a21d294 Merge pull request #44213 from madhusudancs/hack-shashi-me 
Automatic merge from submit-queue

Add shashidharatd and madhusudancs as hack/ approvers.

Federation team has a bunch of scripts in `hack/` directory and for iterating quickly we need approvers permission in this directory. Both @shashidharatd and I have made number of changes to the scripts in this directory and generally understand the scripts here well. 

**Release note**:
```release-note
NONE
```

/assign @fejta
 2017-04-07 16:03:52 -07:00
jayunit100
60829a88c2 Remove conformance from port forwarding so local / secure clusters aren't expected to support it. 2017-04-07 16:48:26 -04:00
Kubernetes Submit Queue
de1cee38bf Merge pull request #35284 from jsafrane/fix-class-tests 
Automatic merge from submit-queue

Add test for provisioning with storage class

This PR re-introduces e2e test for dynamic provisioning with storage classes.

It adds the same test as it was merged in PR #32485 with an extra patch adding region to AWS calls. It works well on my AWS setup, however I'm using shared company account and I can't run kube-up.sh and run the tests in the "official" way.

@zmerlynn, can you please try to run tests that led to #34961?

@justinsb, you're my AWS guru, would there be a way how to introduce fully initialized AWS cloud provider into e2e test framework? It would simplify everything. GCE has it there, but it's easier to initialize, I guess. See https://github.com/kubernetes/kubernetes/blob/master/test/e2e/pd.go#L486 for example - IMO tests should not talk to AWS directly.
 2017-04-07 11:40:34 -07:00
Madhusudan.C.S
009842c715 Add shashidharatd and madhusudancs as hack/ approvers. 2017-04-07 08:33:26 -07:00
Kubernetes Submit Queue
4957a232b1 Merge pull request #42978 from brendandburns/federation 
Automatic merge from submit-queue (batch tested with PRs 39139, 42978)

Extract long strings and make available for translation.

@fabianofranz @zen
 2017-04-07 02:32:18 -07:00
Kubernetes Submit Queue
8c61829da8 Merge pull request #44117 from madhusudancs/fed-e2e-name-for-parallel-presubmit 
Automatic merge from submit-queue (batch tested with PRs 44191, 44117, 44072)

Default FEDERATION_KUBE_CONTEXT to FEDERATION_NAME in federation e2e up/down scripts.

This is consistent with how kubefed creates kubeconfig contexts.

**Release note**:
-->
```release-note
NONE
```
 2017-04-06 22:16:20 -07:00
Brendan Burns
79f51923d3 Extract a bunch more strings from kubectl 2017-04-06 20:12:50 -07:00
Avesh Agarwal
5f309eec9a Fix golint. 2017-04-06 16:15:34 -04:00
Kubernetes Submit Queue
54f38688d7 Merge pull request #42961 from wanghaoran1988/fix_39032 
Automatic merge from submit-queue

leader election lock based on scheduler name

**What this PR does / why we need it**:
This pr changed the leader election lock based on scheduler name.
**Which issue this PR fixes** :
fixes #39032

**Special notes for your reviewer**:

**Release note**:
```
[scheduling]Fix a bug for multiple-schedulers that you cannot start a second scheduler without disabling leader-elect if the default scheduler has leader-elect enabled(default). We changed the leader election lock based on scheduler name.
```
 2017-04-06 09:12:11 -07:00
Jan Safranek
a327302200 e2e tests should be multizone aware 
Pass MULTIZONE=true env. variable to e2e test framework.
 2017-04-06 13:28:29 +02:00
Kubernetes Submit Queue
b41e415ebd Merge pull request #43137 from shashidharatd/federation-domain 
Automatic merge from submit-queue

[Federation] Remove FEDERATIONS_DOMAIN_MAP references

Remove all references to FEDERATIONS_DOMAIN_MAP as this method is no longer is used and is replaced by adding federation domain map to kube-dns configmap.

cc @madhusudancs @kubernetes/sig-federation-pr-reviews 

**Release note**:
```
[Federation] Mechanism of adding `federation domain maps` to kube-dns deployment via `--federations` flag is superseded by adding/updating `federations` key in `kube-system/kube-dns` configmap. If user is using kubefed tool to join cluster federation, adding federation domain maps to kube-dns is already taken care by `kubefed join` and does not need further action.
```
 2017-04-06 02:05:42 -07:00
Dr. Stefan Schimanski
6e026b4d43 Clean up staging/godeps-json-updater.go 2017-04-06 09:32:57 +02:00
Madhusudan.C.S
5af5378fce Default FEDERATION_KUBE_CONTEXT to FEDERATION_NAME in federation e2e up/down scripts. 
This is consistent with how kubefed creates kubeconfig contexts.
 2017-04-05 18:47:03 -07:00
Christoph Blecker
4c2985e144
Update gen_api_ref_docs to use same diff method as verify 2017-04-05 13:06:35 -07:00
Mike Danese
ba5c2855b3 bazel: implement git build stamping 2017-04-05 11:47:39 -07:00
Haoran Wang
fcc73d355d Multiple scheduler leader election support 2017-04-05 22:36:13 +08:00
Jordan Liggitt
0d2e5a0dd8
Enable service account token lookup by default 
```release-note
kube-apiserver: --service-account-lookup now defaults to true. This enables service account tokens to be revoked by deleting the Secret object containing the token.
```
 2017-04-04 22:00:11 -04:00
Kubernetes Submit Queue
7e18392f16 Merge pull request #43671 from k82cn/skip_e2e_4_mac 
Automatic merge from submit-queue

Skip e2e test for Mac.

fixes #36792
 2017-04-04 18:27:25 -07:00
Kubernetes Submit Queue
3c357139f3 Merge pull request #42674 from nikhiljindal/secretKubeTe 
Automatic merge from submit-queue

Enable secrets in federation kubectl tests

Fixes https://github.com/kubernetes/kubernetes/issues/40568
Superseedes https://github.com/kubernetes/kubernetes/pull/40714

Updating kubectl tests to wait for deletion if WAIT_FOR_DELETION is set to true. WAIT_FOR_DELETION will be set to true only when the tests are being run for federation apiserver.
This change will not impact kube apiserver tests and still enable federation and kubernetes to share the same test code.
This is a workaround until https://github.com/kubernetes/kubernetes/issues/42594 is fixed.

cc @kubernetes/sig-federation-pr-reviews
cc @liggitt as he reviewed https://github.com/kubernetes/kubernetes/pull/40714
 2017-04-04 00:28:42 -07:00
Dan Williams
f20437a822 hack/cluster: download cfssl if not present 
hack/local-up-cluster.sh uses cfssl to generate certificates and
will exit it cfssl is not already installed.  But other cluster-up
mechanisms (GCE) that generate certs just download cfssl if not
present.  Make local-up-cluster.sh do that too.
 2017-04-03 23:31:16 -05:00
Harry Zhang
953c9fa6bb echo pkg/fieldpath into hack/.linted_packages 2017-04-03 13:06:48 +08:00
Christoph Blecker
8cde2e0eb7
Fix coverage report testing on macOS 2017-04-02 10:01:43 -07:00
Kubernetes Submit Queue
25a87fa19c Merge pull request #40804 from runcom/prepull-cri 
Automatic merge from submit-queue

test/e2e_node: prepull images with CRI

Part of https://github.com/kubernetes/kubernetes/issues/40739

- This PR builds on top of #40525 (and contains one commit from #40525)
- The second commit contains a tiny change in the `Makefile`.
- Third commit is a patch to be able to prepull images using the CRI (as opposed to run `docker` to pull images which doesn't make sense if you're using CRI most of the times)

Marked WIP till #40525 makes its way into master

@Random-Liu @lucab @yujuhong @mrunalp @rhatdan
 2017-04-01 03:08:35 -07:00
Antonio Murdaca
2634f57f7f
test/e2e_node: prepull images with CRI 
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
 2017-04-01 10:18:56 +02:00
Davanum Srinivas
605589dc0d Specify a directory for the logs 
Switch from hard coded "/tmp" to a user specified location for
the logs. Default to "/tmp" to keep the current behavior and
not break any current users or jobs.
 2017-03-31 15:17:14 -04:00
Kubernetes Submit Queue
91c03b0e8f Merge pull request #43813 from liggitt/conditional-post-start-hook 
Automatic merge from submit-queue

Make RBAC post-start hook conditional on RBAC authorizer being used

Makes the RBAC post-start hook (and reconciliation) conditional on the RBAC authorizer being used

Ensures we don't set up unnecessary objects.

```release-note
RBAC role and rolebinding auto-reconciliation is now performed only when the RBAC authorization mode is enabled.
```
 2017-03-31 05:51:49 -07:00
Kubernetes Submit Queue
2179ffeb63 Merge pull request #42379 from xilabao/enable-audit-log-in-local-cluster 
Automatic merge from submit-queue (batch tested with PRs 42379, 42668, 42876, 41473, 43260)

Enable audit log in local cluster

fixes #42318

`ENABLE_APISERVER_BASIC_AUDIT=true hack/local-up-cluster.sh`
 2017-03-30 23:36:20 -07:00
Dan Williams
b3705b6e35 hack/cluster: consolidate cluster/ utils to hack/lib/util.sh 
Per Clayton's suggestion, move stuff from cluster/lib/util.sh to
hack/lib/util.sh.  Also consolidate ensure-temp-dir and use the
hack/lib/util.sh implementation rather than cluster/common.sh.
 2017-03-30 22:34:46 -05:00
Jordan Liggitt
890894ac4f
Disable RBAC post-start hook if not using the RBAC authorizer 2017-03-30 23:30:04 -04:00
jayunit100
f3fb966e73 local up dns defaults 2017-03-30 17:35:40 -04:00
Kubernetes Submit Queue
fad2753a2c Merge pull request #43779 from ixdy/hack-bazel-scripts 
Automatic merge from submit-queue (batch tested with PRs 38741, 41301, 43645, 43779, 42337)

If we already have the right version of gazel installed, use it

**What this PR does / why we need it**: makes the bazel scripts marginally faster by only downloading/building gazel when necessary. Also removes the `followRedirects` config setting for gopkg.in which is no longer needed.

**Release note**:

```release-note
NONE
```
 2017-03-29 14:53:35 -07:00
Jeff Grafton
37dda6c2fd If we already have the right version of gazel installed, use it 2017-03-29 09:32:34 -07:00
Kubernetes Submit Queue
72207db455 Merge pull request #42797 from joseph-lanoux/ginkgo_nocolor 
Automatic merge from submit-queue

Fix the ginkgo nocolor parameter

When running the e2e tests in parallel, the ginkgo nocolor is not
honored and produces a colored output. This change fixes this issue
(#42793).



**What this PR does / why we need it**:
It fixes the ginkgo color parameter when running e2e tests in parallel.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #42793 

**Special notes for your reviewer**:
It seems there is a missing bit in ginkgo-e2e.sh so I added it.

**Release note**:

```release-note
```
 2017-03-29 03:50:28 -07:00
Kubernetes Submit Queue
c01baaf54f Merge pull request #39858 from alejandroEsc/ae/issue/39427 
Automatic merge from submit-queue

addressing issue #39427 adding a flag --output to 'kubectl version'

**What this PR does / why we need it**:
Addressing Issue https://github.com/kubernetes/kubernetes/issues/39427 we all

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #39427 


**Release note**:
```
kubectl version has new flag --output (=json or yaml) allowing result of the command to be parsed in either json format or yaml. 
```
 2017-03-28 12:12:22 -07:00
Kubernetes Submit Queue
ab892f9de8 Merge pull request #43735 from CaoShuFeng/godeprestore 
Automatic merge from submit-queue (batch tested with PRs 40885, 43623, 43735)

Use "hack/godep-restore.sh" instead of "godep restore"

Now we get errors when run "godep restore".
So we need to update the help message.
@derekwaynecarr 

**Special notes for your reviewer**:

**Release note**:

```NONE
```
 2017-03-28 11:16:24 -07:00
Alejandro Escobar
a5e6dcb434 addressing issue #39427 adding a flag --output to allow for either json or yaml. 
updating with PR changes requested.

latest changes to having short for human readable only, and error cases moved a bit to the end.

rebase fixes

latest pr. changes.

small change moving return nil out of switch.

updated the nil check for the error in the humanreadable case.

more optimization in humanreadable code.

pushed up current test changes, this is purely temporary

finished writing tests

updated test and function names.

changed output extensions from .sh to output.

updated version, version struct now just called Version and not VersionObj.

made a few changes to testing.

fixed testing issues, created better test and cleanup

go format change.
 2017-03-28 10:07:53 -07:00
joseph-lanoux
b2560666fa Update ginkgo-e2e.sh 2017-03-28 15:18:18 +01:00
Joseph Lanoux
168394c6d5 Fix the ginkgo nocolor parameter 
When running the e2e tests in parallel, the ginkgo nocolor is not
honored and produces a colored output. This change adds the
GINKGO_NO_COLOR environment variable.
 2017-03-28 15:18:01 +01:00
Cao Shufeng
205a5abee9 Use "hack/godep-restore.sh" instead of godep restore 2017-03-28 04:05:47 -04:00
p0lyn0mial
86e06e2401 Admission plugin initializer for the generic API server. 
This PR implements a standard admission plugin initializer for the generic API server.
The initializer accepts external clientset, external informers and the authorizer.
 2017-03-28 08:13:09 +02:00
Klaus Ma
c6e79167f4 Skip e2e test for Mac. 2017-03-28 11:40:40 +08:00
Kubernetes Submit Queue
b6d187d5f2 Merge pull request #42087 from cblecker/scheduler-lint 
Automatic merge from submit-queue

Add plugin/pkg/scheduler to linted packages

**What this PR does / why we need it**:
Adds plugin/pkg/scheduler to linted packages to improve style correctness.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #41868 

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-03-27 15:14:15 -07:00
Kubernetes Submit Queue
eaf8351d45 Merge pull request #41554 from jsafrane/local-up-class 
Automatic merge from submit-queue

local-up-cluster.sh should create a default storage class

To make dynamic provisioning working out of the box in local cluster a default
storage class needs to be instantiated.

```release-note
NONE
```
 2017-03-27 12:51:27 -07:00
Kubernetes Submit Queue
b705835bae Merge pull request #42911 from deads2k/server-04-combined 
Automatic merge from submit-queue (batch tested with PRs 43694, 41262, 42911)

combine kube-apiserver and kube-aggregator

This combines several pulls currently in progress and wires them together.  The aggregator sits in front of the normal kube-apiserver and allows local fallthrough instead of proxying.

@kubernetes/sig-api-machinery-misc 
@DirectXMan12 since you seem invested, your life will get easier
@luxas FYI since you've started trying to wire something together.  



Dependent Pulls LGTM:
- [x] https://github.com/kubernetes/kubernetes/pull/42801
- [x] https://github.com/kubernetes/kubernetes/pull/42886
- [x] https://github.com/kubernetes/kubernetes/pull/42900
- [x] https://github.com/kubernetes/kubernetes/pull/42732
- [x] https://github.com/kubernetes/kubernetes/pull/42672
- [x] https://github.com/kubernetes/kubernetes/pull/43141
- [x] https://github.com/kubernetes/kubernetes/pull/43076
- [x] https://github.com/kubernetes/kubernetes/pull/43149
- [x] https://github.com/kubernetes/kubernetes/pull/43226
- [x] https://github.com/kubernetes/kubernetes/pull/43144
 2017-03-27 09:30:24 -07:00
deads2k
546b45c9c0 enable generation 2017-03-27 09:56:26 -04:00
deads2k
8e26fa25da wire in aggregation 2017-03-27 09:44:10 -04:00
Kubernetes Submit Queue
7564849fb4 Merge pull request #43522 from cblecker/staging-godep-ignore 
Automatic merge from submit-queue

Ignore GoVersion and GodepVersion in staging-godep diff

**What this PR does / why we need it**:
This modifies the hack/update-staging-godeps.sh script to ignore GoVersion and GodepVersion in the diff it makes, similar to what hack/verify-godeps.sh does

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2017-03-26 10:25:14 -07:00
Kubernetes Submit Queue
dae73287ab Merge pull request #43569 from alejandroEsc/ae/localup/etcd3 
Automatic merge from submit-queue (batch tested with PRs 43149, 41399, 43154, 43569, 42507)

allow etcd2/3 choice when bringing up a local cluster, default to etcd3

**What this PR does / why we need it**: local-up-cluster currently doesn't allow you to select which etcd version to use, here we allow you to select one, since k8s is moving towards etcd3 we suggest it to be the default.

**Special notes for your reviewer**: Note, i didnt realize this until i had used https://github.com/kubernetes/kubernetes/pull/42656 which made it immediately clear.

**Release note**:
```
NONE
```
 2017-03-26 00:55:23 -07:00
Kubernetes Submit Queue
bc0171c6ec Merge pull request #43312 from deads2k/cli-08-discovery 
Automatic merge from submit-queue (batch tested with PRs 43429, 43416, 43312, 43141, 43421)

add singular resource names to discovery

Adds the singular resource name to our resource for discovery.  This is something we've discussed to remove our pseudo-pluralization library which is unreliable even for english and really has no hope of properly handling other languages or variations we can expect from TPRs and aggregated API servers.

This pull simply adds the information to discovery, it doesn't not re-wire any RESTMappers.

@kubernetes/sig-cli-misc  @kubernetes/sig-apimachinery-misc @kubernetes/api-review


```release-note
API resource discovery now includes the `singularName` used to refer to the resource.
```
 2017-03-25 22:24:25 -07:00
Kubernetes Submit Queue
14c1c9cfd4 Merge pull request #43020 from cblecker/verify-artifacts 
Automatic merge from submit-queue (batch tested with PRs 42998, 42902, 42959, 43020, 42948)

Export godep patch files to artifacts

**What this PR does / why we need it**:
If a godep patch file is created, and a `${WORKSPACE}/_artifacts` directory exists, copy the patch file out to it.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```

cc: @fejta
 2017-03-25 17:17:26 -07:00
Kubernetes Submit Queue
a9c8d97709 Merge pull request #42801 from deads2k/agg-25-local 
Automatic merge from submit-queue

add local option to APIService

APIServices need an option to avoid proxying in cases where the groupversion is handled later in the chain.  This will allow a coherent and complete set of APIServices, but won't require extra connections.

@kubernetes/sig-api-machinery-misc @ncdc @cheftako
 2017-03-25 15:12:19 -07:00
Kubernetes Submit Queue
4061664d03 Merge pull request #43048 from shiywang/e2e-param 
Automatic merge from submit-queue (batch tested with PRs 43048, 43624, 43649)

expose -untilItFails in hack/e2e.go

Fixes https://github.com/kubernetes/kubernetes/issues/43026
 2017-03-25 13:29:21 -07:00
Christoph Blecker
74ab872927
Ignore GoVersion and GodepVersion in staging-godep diff 2017-03-25 12:17:59 -07:00
Christoph Blecker
3ad13293bc
Export patch files to artifacts 2017-03-25 12:16:50 -07:00
Kubernetes Submit Queue
4aa9168536 Merge pull request #41581 from marun/cleanup-test-integration 
Automatic merge from submit-queue (batch tested with PRs 43642, 43170, 41813, 42170, 41581)

Cleanup make test-integration

``make test-integration`` was using the first positional arg passed to ``WHAT`` to filter the list of integration test packages.  This PR switches to passing ``WHAT`` verbatim to be consistent with how ``make test`` works.  That means the new way to scope execution to a single integration package will be:

```bash
make test-integration WHAT="./test/integration/auth" KUBE_TEST_ARGS="-run=^TestKindAuthorization$"
```

Instead of:

```bash
make test-integration WHAT="auth -test.run=^TestKindAuthorization$"
```

This PR also ensures that the script exits after running a single test case and that etcd cleanup is not done twice at the end of a successful test run.  Both were issues encountered while diagnosing the scoping issue.

cc: @thockin @deads2k @stevekuznetsov @ncdc @derekwaynecarr
 2017-03-24 19:04:30 -07:00
Kubernetes Submit Queue
20b01be016 Merge pull request #41813 from shiywang/timeout_options 
Automatic merge from submit-queue (batch tested with PRs 43642, 43170, 41813, 42170, 41581)

Be able to specify the timeout to wait for pod for kubectl logs/attach

Fixes https://github.com/kubernetes/kubernetes/issues/41786
current flag is `get-pod-timeout`, we can have a discussion if you have better one, default unit is seconds, above 0

@soltysh @kargakis ptal, thanks
@kubernetes/sig-cli-feature-requests
 2017-03-24 19:04:26 -07:00
Nick Sardo
baab99b823 Adding load balancer src ranges; support flag overrides 2017-03-24 16:36:19 -07:00
Kubernetes Submit Queue
0e17e5bd9c Merge pull request #38882 from fraenkel/configmap_env_file 
Automatic merge from submit-queue (batch tested with PRs 41139, 41186, 38882, 37698, 42034)

create configmap from-env-file

Allow ConfigMaps to be created from Docker based env files.

See proposal https://github.com/kubernetes/community/issues/165

**Release-note:**
```release-note
1. create configmap has a new option --from-env-file that populates a configmap from file which follows a key=val format for each line.
2. create secret has a new option --from-env-file that populates a configmap from file which follows a key=val format for each line.
```
 2017-03-24 12:33:25 -07:00
Dmitry1987
965dab366b make hpa upscale and downscale delay window configurable 2017-03-24 18:01:04 +00:00
Kubernetes Submit Queue
9aac45a5be Merge pull request #42347 from aveshagarwal/master-local-cluster-up-fix 
Automatic merge from submit-queue

Fix local cluster up script for kube-public namespace error.

Fix local cluster up script for kube-public namespace error:
```
Error from server (AlreadyExists): namespaces "kube-public" already exists
```
 2017-03-24 10:25:41 -07:00
Jordan Liggitt
707f0fb131
Preserve API group order in discovery, prefer extensions over apps 2017-03-23 11:10:53 -04:00
Alejandro Escobar
6a8f55736a allow etcd2/3 choice when bringing up a local cluster, default to 3 but thats negotiable, it is what we will be using going forwards. 2017-03-23 06:42:44 -07:00
Jordan Liggitt
db52b4eb04
Make kubectl replace unconditional 2017-03-22 01:09:56 -04:00
Janet Kuo
d0b5de855f Add a test for semantically equal DaemonSet updates 2017-03-21 16:06:34 -07:00
deads2k
36cb9ed640 add singular resource names to discovery 2017-03-21 11:04:08 -04:00
Christoph Blecker
ca24afe778
Additional plugin/pkg/scheduler golint fixes 2017-03-19 09:47:58 -07:00
Christoph Blecker
0fac97a062
Add plugin/pkg/scheduler to linted packages 2017-03-19 09:44:14 -07:00
shashidharatd
7943ed7585 Use CoreDNS provider for starting federation controller manager in kubectl tests 2017-03-18 23:00:30 +05:30
Shiyang Wang
788eabe7ba expose until-it-fails param 2017-03-17 08:14:54 +08:00
Kubernetes Submit Queue
b617cabfca Merge pull request #43192 from liggitt/kubectl-test-retry 
Automatic merge from submit-queue

Retry kubectl test replace on conflict

Since kubectl is doing a resource-version-constrained replace, it is subject to conflicts on a contentious resource (like a node managed by the node controller)

Fixes #41892 (the specific flake, not the watch cache issue)
 2017-03-16 08:23:21 -07:00
Jordan Liggitt
9cd791e83c
Retry kubectl test replace on conflict 2017-03-16 08:39:47 -04:00
Kubernetes Submit Queue
1357cafa71 Merge pull request #43180 from mbohlool/bugfix 
Automatic merge from submit-queue (batch tested with PRs 43180, 42928)

Verify generated protobuf script should fail on staging/ changes too

fixes #35486
 2017-03-15 19:58:20 -07:00
mbohlool
f6e4c99548 Verify generated protobuf script should fail on staging/ changes too 2017-03-15 16:15:02 -07:00
Kubernetes Submit Queue
6d2defbc09 Merge pull request #42967 from cblecker/godep-version79 
Automatic merge from submit-queue (batch tested with PRs 40964, 42967, 43091, 43115)

Update hack scripts to use godep v79 and ensure_godep_version

**What this PR does / why we need it**:
Based on #42965 and https://github.com/kubernetes/kubernetes/pull/42958#discussion_r105568318, this pins the godep version at v79, which should fix some issues when running godep in go1.8 local environments.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #42817

**Special notes for your reviewer**:
This should likely get the v1.6 milestone so that it can be merged into master. While I'm setting a default godep version, I'm continuing to use the local pins per this comment: https://github.com/kubernetes/kubernetes/pull/42965#issuecomment-285962723 .

**Release note**:

```release-note
NONE
```

cc: @sttts
 2017-03-15 16:08:25 -07:00
shashidharatd
b09b20b598 Remove FEDERATIONS_DOMAIN_MAP references 2017-03-15 23:06:16 +05:30
Christoph Blecker
4d85a54027
Change verify-godeps.sh use ensure_godep_version 2017-03-15 10:32:44 -07:00
Christoph Blecker
d31a88fee7
Bump godep version to v79 2017-03-15 10:32:37 -07:00
Kubernetes Submit Queue
9e8114655f Merge pull request #40404 from tanshanshan/unit-test-scheduler4 
Automatic merge from submit-queue (batch tested with PRs 40404, 43134, 43117)

Improve code coverage for scheduler/api/validation

**What this PR does / why we need it**:

Improve code coverage for scheduler/api/validation from #39559

Thanks
**Special notes for your reviewer**:

**Release note**:

```release-note
```
 2017-03-15 08:27:20 -07:00
Kubernetes Submit Queue
a91869a0c5 Merge pull request #42819 from MrHohn/dns-cm-scripts 
Automatic merge from submit-queue (batch tested with PRs 43018, 42713, 42819)

Update startup scripts for kube-dns ConfigMap and ServiceAccount

Follow up PR of #42757. This PR changes all existing startup scripts to support default kube-dns ConfigMap and ServiceAccount.

@bowei 

cc @liggitt 

**Release note**:

```release-note
NONE
```
 2017-03-14 16:43:19 -07:00
Kubernetes Submit Queue
6de28fab7d Merge pull request #42942 from vishh/gpu-cont-fix 
Automatic merge from submit-queue (batch tested with PRs 42942, 42935)

[Bug] Handle container restarts and avoid using runtime pod cache while allocating GPUs

Fixes #42412

**Background**
Support for multiple GPUs is an experimental feature in v1.6. 
Container restarts were handled incorrectly which resulted in stranding of GPUs
Kubelet is incorrectly using runtime cache to track running pods which can result in race conditions (as it did in other parts of kubelet). This can result in same GPU being assigned to multiple pods.

**What does this PR do**
This PR tracks assignment of GPUs to containers and returns pre-allocated GPUs instead of (incorrectly) allocating new GPUs.
GPU manager is updated to consume a list of active pods derived from apiserver cache instead of runtime cache.
Node e2e has been extended to validate this failure scenario.

**Risk**
Minimal/None since support for GPUs is an experimental feature that is turned off by default. The code is also isolated to GPU manager in kubelet.

**Workarounds**
In the absence of this PR, users can mitigate the original issue by setting `RestartPolicyNever`  in their pods.
There is no workaround for the race condition caused by using the runtime cache though.
Hence it is worth including this fix in v1.6.0.

cc @jianzhangbjz @seelam @kubernetes/sig-node-pr-reviews 

Replaces #42560
 2017-03-14 10:19:17 -07:00
shiywang
52e4be2578 Be able to specify the timeout to wait for pod for kubectl logs/attach 2017-03-14 23:00:31 +08:00
Kubernetes Submit Queue
5e29e1ee05 Merge pull request #42623 from liggitt/kubectl-version 
Automatic merge from submit-queue

Fix v0.0.0 in kubectl built from master

Fixes https://github.com/kubernetes/kubernetes/issues/40813
 2017-03-13 15:06:31 -07:00
Vishnu kannan
46708be3e8 linter fixes 
Signed-off-by: Vishnu kannan <vishnuk@google.com>
 2017-03-13 10:58:26 -07:00
deads2k
b27de102cb add local option to APIService 2017-03-13 10:10:50 -04:00
Kubernetes Submit Queue
e1ec10f248 Merge pull request #42851 from madhusudancs/fed-down-improvements 
Automatic merge from submit-queue

[Federation] Unjoin only the joined clusters while bringing down the federation control plane.

A few other minor improvements.

**Release note**:

```release-note
NONE
```
 2017-03-12 16:29:37 -07:00
Madhusudan.C.S
ed10bb7643 [Federation] Unjoin only the joined clusters while bringing down the federation control plane. 
A few other minor improvements.
 2017-03-12 13:05:26 -07:00
Dr. Stefan Schimanski
792d1f3dc0 hack/verify-staging-imports.sh: check that plugins are not imported by default 2017-03-12 19:51:31 +01:00
Dr. Stefan Schimanski
f88bae8191 hack/godep-restore.sh: use godep v79 which works 2017-03-12 18:43:10 +01:00
Kubernetes Submit Queue
328e555f72 Merge pull request #41794 from shashidharatd/federation-upgrade-tests-1 
Automatic merge from submit-queue (batch tested with PRs 41794, 42349, 42755, 42901, 42933)

[Federation][e2e] Add framework for upgrade test in federation

Adding framework for federation upgrade tests. please refer to #41791

cc @madhusudancs @nikhiljindal @kubernetes/sig-federation-pr-reviews
 2017-03-10 22:02:15 -08:00
Kubernetes Submit Queue
d2d3884f83 Merge pull request #42362 from soltysh/deployment_generators 
Automatic merge from submit-queue (batch tested with PRs 38805, 42362, 42862)

Fix deployment generator after introducing deployments in apps/v1beta1

This PR does two things:

1. Switches all generator to produce versioned objects, to bypass the problem of having an object in multiple versions, which then results in not having stable generator (iow. producing exactly the same object).
2. Introduces new generator for `apps/v1beta1` deployments.

@kargakis @janetkuo ptal

@kubernetes/sig-apps-pr-reviews @kubernetes/sig-cli-pr-reviews ptal

This is a followup to https://github.com/kubernetes/kubernetes/pull/39683, so I'm adding 1.6 milestone.

```release-note
Introduce new generator for apps/v1beta1 deployments
```
 2017-03-10 14:01:21 -08:00
Kubernetes Submit Queue
a54d493216 Merge pull request #42608 from xilabao/patch-8 
Automatic merge from submit-queue (batch tested with PRs 42608, 42444)

fix typo in know-flags

ref to https://github.com/kubernetes/kubernetes/pull/41417
 2017-03-10 12:50:22 -08:00
shashidharatd
f2fa2f6dd6 New packages added to hack/.linted_packages 2017-03-11 01:39:56 +05:30
shashidharatd
662f0ef531 Add framework for federation upgrade tests 2017-03-11 01:39:56 +05:30
Maciej Szulik
aa4390750c Introduce new generator for apps/v1beta1 deployments 2017-03-10 12:08:01 +01:00
Kubernetes Submit Queue
ab6fecfa3a Merge pull request #42811 from gnufied/validation-no-probe 
Automatic merge from submit-queue (batch tested with PRs 42811, 42859)

 Validation PVs for mount options

We are going to move the validation in its own package and we will be calling validation for individual volume types as needed.

Fixes https://github.com/kubernetes/kubernetes/issues/42573
 2017-03-09 18:47:52 -08:00
tanshanshan
6fd76dc139 fix 2017-03-10 10:44:21 +08:00
Hemant Kumar
12d6b87894 Validation PVs for mount options 
We are going to move the validation in its own package
and we will be calling validation for individual volume types
as needed.
 2017-03-09 18:24:37 -05:00
Kubernetes Submit Queue
4540674b04 Merge pull request #42758 from krousey/downgrades 
Automatic merge from submit-queue (batch tested with PRs 42734, 42745, 42758, 42814, 42694)

Implement automated downgrade testing.

Node version cannot be higher than the master version, so we must
switch the node version first. Also, we must use the upgrade script
from the appropriate version for GCE.
 2017-03-09 15:06:56 -08:00
Kris
cc84e0895a Implement automated downgrade testing. 
Node version cannot be higher than the master version, so we must
switch the node version first. Also, we must use the upgrade script
from the appropriate version for GCE.
 2017-03-09 12:45:20 -08:00
Zihong Zheng
3acff7d3ef Update startup scripts for kube-dns ConfigMap and ServiceAccount 2017-03-09 11:10:23 -08:00
Kubernetes Submit Queue
376282227f Merge pull request #42726 from sttts/sttts-unify-godep-scripts 
Automatic merge from submit-queue

Ensure a fixed godep version in hack/*-godep*.sh

No godep pinning asks for trouble when godep changes behaviour once again.

Moreover, call `hack/godep-restore.go` from `hack/update-all-staging.sh`. This was an actual bug.
 2017-03-09 07:37:47 -08:00
Kubernetes Submit Queue
1a3c3be58b Merge pull request #42786 from gyliu513/feature-gates 
Automatic merge from submit-queue (batch tested with PRs 42786, 42553)

Updated comments for TaintBasedEvictions.

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:
 2017-03-09 07:37:35 -08:00
Dr. Stefan Schimanski
798d9c2ed3 Unify godep code in hack/*-godep*.sh 2017-03-09 15:03:13 +01:00
Kubernetes Submit Queue
72c94b1aa8 Merge pull request #42728 from sttts/sttts-udpate-all-dirty-checkout 
Automatic merge from submit-queue

Don't try to run hack/verify-staging-* on dirty repository

When the repo is dirty after running all `update-*` scripts in `hack/update-all.sh`, the staging verify scripts still fail. This PR removes these from `hack/update-all.sh`. Instead give useful instructions or continue automatically with `hack/update-all-staging.sh`.
 2017-03-09 05:09:44 -08:00
Dr. Stefan Schimanski
c128e4686a Don't try to run hack/verify-staging-* on dirty repository 2017-03-09 13:05:31 +01:00
Guangya Liu
ed28695d3e Updated comments for TaintBasedEvictions. 2017-03-09 17:06:31 +08:00
Michael Fraenkel
7eb49628c6 create configmap from-env-file 2017-03-08 07:58:01 -08:00
nikhiljindal
3b8ba56e7d Enable secret tests 2017-03-07 15:40:20 -08:00
nikhiljindal
ded881db20 Set wait for deletion for federation apiserver kubectl tests 2017-03-07 15:40:20 -08:00
Jordan Liggitt
2d06607885
Fix v0.0.0 in kubectl built from master 2017-03-07 01:09:57 -05:00
xilabao
c64f146a34 fix typo in know-flags 2017-03-06 19:06:57 -06:00
Anthony Yeh
cec3899b96 Deployment: Remove Overlap and SelectorUpdate annotations. 
These are not used anymore since ControllerRef now protects against
fighting between controllers with overlapping selectors.
 2017-03-06 15:12:08 -08:00