Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Store the latest cloud provider node addresses
**What this PR does / why we need it**:
Buffer the recently retrieved node address so they can be used as soon as the next node status update is run.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#65814
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 65830, 65780, 65961). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
vSphere: set vCenter client UserAgent
**What this PR does / why we need it**:
Setting the client UserAgent makes it easier to identify vCenter sessions
used by the vSphere Cloud Provider. This is useful to remove sessions that
have leaked, such as when a VCP process goes away without calling Logout().
And to test that VCP properly re-authenticates when a session is removed.
Example use:
``` console
% govc session.ls | grep kubernetes-cloudprovider | awk '{print $1}' | xargs -n1 govc session.rm
```
**Special notes for your reviewer**:
Prior to the change, the session UserAgent is listed as `Go-http-client/1.1`, with the change as `kubernetes-cloudprovider/v1.12.0-...`
Format based on the azure provider client User-Agent: ac99da5e3e/pkg/cloudprovider/providers/azure/azure.go (L386-L393)
``` console
% govc session.ls
Key Name Time Idle Host Agent
5217bfbf-ed78-3538-c4f4-137dfdc87d97 VSPHERE.LOCAL\Administrator 2018-07-09 05:26 3m32s 10.0.0.237 kubernetes-cloudprovider/v1.12.0-alpha.0.1990+ac99da5e3e0c0d-dirty
52259ed5-417e-dab4-07bc-f1b01c06f6ce VSPHERE.LOCAL\vpxd-extension-09179ffe-ed51-4dee-91a6-c60162932acd 2018-07-09 05:25 4m41s 10.0.0.208 cl/1.0.0
5225b5d4-1c0a-e8e4-887e-5fa46fee0dc2 VSPHERE.LOCAL\vpxd-extension-09179ffe-ed51-4dee-91a6-c60162932acd 2018-05-26 16:25 old 127.0.0.1 VMware vim-java 1.0
52385c6f-31b5-876e-3e44-35dc7120fe55 VSPHERE.LOCAL\vpxd-extension-09179ffe-ed51-4dee-91a6-c60162932acd 2018-05-26 16:26 old 127.0.0.1 VMware vim-java 1.0
524b23c3-52b3-2fb8-00d4-914f1b34e9b1 VSPHERE.LOCAL\vpxd-extension-09179ffe-ed51-4dee-91a6-c60162932acd 2018-05-26 16:25 old 127.0.0.1 VMware vim-java 1.0
524b6a02-0590-0c1b-db95-0d67b2c36875 VSPHERE.LOCAL\vpxd-extension-09179ffe-ed51-4dee-91a6-c60162932acd 2018-05-26 16:26 1m26s 127.0.0.1 VMware vim-java 1.0
528b6f73-a658-f488-2651-05f3ec182757 VSPHERE.LOCAL\Administrator 2018-07-09 05:28 55s 10.0.0.237 Go-http-client/1.1
52987a71-c671-09e4-6613-ff480aa43882 VSPHERE.LOCAL\vpxd-extension-09179ffe-ed51-4dee-91a6-c60162932acd 2018-05-26 16:25 old 127.0.0.1 VMware vim-java 1.0
52aa9262-a0c7-a79f-7983-2d3858ecc562 VSPHERE.LOCAL\Administrator 2018-07-09 05:09 . 10.0.0.154 govc/0.18.0
52b270fe-2e84-6209-04ff-f4597846ca79 VSPHERE.LOCAL\vpxd-extension-09179ffe-ed51-4dee-91a6-c60162932acd 2018-05-26 16:26 old 127.0.0.1 VMware vim-java 1.0
52d7e734-80a9-0887-e6cb-13a92c1e4e30 VSPHERE.LOCAL\vpxd-extension-09179ffe-ed51-4dee-91a6-c60162932acd 2018-05-26 16:25 old 127.0.0.1 VMware vim-java 1.0
52f5365e-6945-44c6-dc3c-0e3c90444bb0 VSPHERE.LOCAL\vpxd-extension-09179ffe-ed51-4dee-91a6-c60162932acd 2018-05-26 16:26 old 127.0.0.1 VMware vim-java 1.0
52f58503-4943-e4c7-1d90-a3ec7d16ba71 VSPHERE.LOCAL\vpxd-extension-09179ffe-ed51-4dee-91a6-c60162932acd 2018-05-26 16:26 old 127.0.0.1 VMware vim-java 1.0
52fd2f13-d1a9-7ff9-b779-c87b1e4e0490 VSPHERE.LOCAL\vpxd-extension-09179ffe-ed51-4dee-91a6-c60162932acd 2018-05-26 16:30 6m46s 10.0.0.208 VMware vim-java 1.0
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 65830, 65780, 65961). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
change field selector conversion registration to be strongly typed
the signature of these methods is misleading... they require a group-version-kind
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 64664, 65836, 65917). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubectl: Remove an extra character from rollout error message
**What this PR does / why we need it**:
Removes an extra character in a `kubectl rollout status` error message.
**Special notes for your reviewer**:
I thought this would be a good first contribution!
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Handle errors in generated client scheme
**What this PR does / why we need it**:
Adds missing error handling for schema construction code in generated clientsets.
**Which issue(s) this PR fixes**
Together with #64654fixes#51457.
**Release note**:
```release-note
NONE
```
/kind bug
/sig api-machinery
Automatic merge from submit-queue (batch tested with PRs 65456, 65549). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix flexvolume in containerized kubelets
Fixes flex volumes in containerized kubelets.
cc @jsafrane @chakri-nelluri @verult
Note to reviewers : e2e tests pass in local containarized cluster.
```release-note
Fix flexvolume in containarized kubelets
```
Automatic merge from submit-queue (batch tested with PRs 65456, 65549). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add volume mode field to constructed volume spec for CSI plugin
Add volume mode filed to constructed Volume Spec for CSI plugin
```release-note
Add volume mode filed to constructed volume spec for CSI plugin
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Adding traffic shaping support for CNI network driver
**What this PR does / why we need it**:
Adding traffic shaping support for CNI network driver - it's also a sub-task of kubenet deprecation work.
Design document is available here: https://github.com/kubernetes/community/pull/1893
**Which issue(s) this PR fixes**:
Fixes #
**Special notes for your reviewer**:
/cc @freehan @jingax10 @caseydavenport @dcbw
/sig network
/sig node
**Release note**:
```release-note
Support traffic shaping for CNI network driver
```
Setting the client UserAgent makes it easier to identify vCenter sessions
used by the vSphere Cloud Provider. This is useful to remove sessions that
have leaked, such as when a VCP process goes away without calling Logout().
And to test that VCP properly re-authenticates when a session is removed.
Example use:
govc session.ls | grep kubernetes-cloudprovider | awk '{print $1}' | xargs -n1 govc session.rm
Automatic merge from submit-queue (batch tested with PRs 65882, 65896, 65755, 60549, 65927). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Avoid printing some service comments in iptables rules
According to some profiles, with large number of endpoints in the system, comments mentioning the service in appropriate iptables rules may be responsible for 40% of all iptables contents.
Given that ~70% of memory usage of kube-proxy seems to be because of generated iptables rules, the overall saving may be at the level of 30% or so.
OTOH, we sacrifise a bit understandability of iptables, but this PR only changes some of iptables that contribute to the most painful rules.
@thockin @danwinship @dcbw - thoughts?
Ref #65441
Automatic merge from submit-queue (batch tested with PRs 65946, 65904, 65913, 65906, 65920). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Improve multi-authorizer errors
Fixes#52279
Includes an indication from the RBAC authorizer that it attempted to authorize the request. this reduces confusion when combined with a webhook authorizer that returns specific reasons for rejection
/sig auth
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 65946, 65904, 65913, 65906, 65920). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
vSphere Cloud Provider: avoid read race during logout
**What this PR does / why we need it**:
The `go test -race` will sometimes detect a read race in the vSphere Cloud Provider logout function, causing tests to fail.
**Which issue(s) this PR fixes**:
Fixes#65696
**Special notes for your reviewer**:
The Client nil check was added in 6d1c4a3 , but there was not any
go test coverage of that code path until e22f9ca
**Release note**:
```release-note
none
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove --cadvisor-port - has been deprecated since v1.10
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#56523
**Special notes for your reviewer**:
- Deprecated in https://github.com/kubernetes/kubernetes/pull/59827 (v1.10)
- Disabled in https://github.com/kubernetes/kubernetes/pull/63881 (v1.11)
**Release note**:
```release-note
[action required] The formerly publicly-available cAdvisor web UI that the kubelet started using `--cadvisor-port` is now entirely removed in 1.12. The recommended way to run cAdvisor if you still need it, is via a DaemonSet.
```
Automatic merge from submit-queue (batch tested with PRs 65897, 65909, 65856, 65815). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
only need to ignore resources that match discovery conditions
GC and quota controllers ignore resources that are too expensive to manage. In kube this is only events. The incompatible resources should now be excluded on the basis of discovery. We should actually reflect that in the RESTStorage (done for GC for events) and discovery too.
@liggitt
@kubernetes/sig-api-machinery-bugs
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 65838, 65837). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
output which pods are a pvc in use when kubectl describe pvc is run
**What this PR does / why we need it**:
This PR implements a feature request to display the pods mounted to a PVC when `kubectl describe pvc` is ran. We need it since the only way to see which pods are bound to a PVC is by checking the volume mounts of each individual pod in the namespace.
Example Output:
```
$ kubectl get pods,pvc
NAME READY STATUS RESTARTS AGE
test-pod 1/1 Running 0 2h
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
test-pvc Bound pvc-718681dd-70cc-11e7-aa14-42010af00029 100Gi RWO us-east1-b 345d
```
```
$ kubectl describe pvc
Name: elasticsearch-data-elasticsearch-data-us-east1-b-0
Namespace: partners-production
StorageClass: us-east1-b
Status: Bound
Volume: pvc-718681dd-70cc-11e7-aa14-42010af00029
Labels: <none>
Annotations: <none>
Finalizers: [kubernetes.io/pvc-protection]
Capacity: 1Gi
Access Modes: RWO
Events: <none>
Mounted By: test-pod
```
Pods using the PVC are shown with the `Mounted By` field
**Which issue(s) this PR fixes**:
Closes#65233
**Special notes for your reviewer**:
**Release note**:
```release-note
Running `kubectl describe pvc` now shows which pods are mounted to the pvc being described with the `Mounted By` field
```
Automatic merge from submit-queue (batch tested with PRs 65838, 65837). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix kubectl cluster-info bug
**What this PR does / why we need it**:
When api-server is not avaiable,` kubectl cluster-info `still prints information like: the cluster is running at ...
This patch fixes this bug
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes: #65817
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add cleanLegacyBindAddr
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#65263
**Special notes for your reviewer**:
To fix the issue,
use `activeBindAddrs` map which represents ip address successfully bind to DefaultDummyDevice in the round of sync
use `currentBindAddrs` map which represents ip addresses bind to DefaultDummyDevice from the system
create a function `cleanLegacyBindAddr` to unbind address which is in `currentBindAddrs` map but not in `activeBindAddrs` map
**Release note**:
```release-note
NONE
```
/sig network
/area kube-proxy
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix azure storage account creation failure
**What this PR does / why we need it**:
fix azure storage account creation failure
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#65845
**Special notes for your reviewer**:
This bug is due to azure-sdk-for-go API change introduced in v1.11:
fbe7db0e3f/services/storage/mgmt/2017-10-01/storage/models.go (L381-L382)
there is a new field `Kind` which is required, so any sdk upgrade from and old version would break the storage account creation since old code won't use `Kind`. I have filed an issue to azure-sdk-for-go: https://github.com/Azure/azure-sdk-for-go/issues/2182
**Release note**:
```
fix azure storage account creation failure
```
/kind bug
/sig azure
/assign @khenidak @feiskyer
cc @brendandburns
Automatic merge from submit-queue (batch tested with PRs 65805, 65811, 65833, 65488, 65857). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
flatten nested lists for flatten in visitor
Lists which contain lists should themselves be flattened by a flatten call to the resource builder
@kubernetes/sig-cli-maintainers
@soltysh @juanvallejo
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add help description and examples to wait
**Release note**:
```release-note
NONE
```
Adds --help description and examples to the `wait` command.
cc @soltysh
Automatic merge from submit-queue (batch tested with PRs 64593, 65117, 65629, 65827, 65686). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix `kubectl create priorityclass` failure bug
**What this PR does / why we need it**:
update` kubectl create priorityclass` command's api version.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#65685
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
