Commit Graph

479 Commits

Author SHA1 Message Date
Roy Lenferink
a5d0616bdc Improving syntax for bash scripts 2019-01-18 19:17:16 +01:00
Xing Yang
36030137b3 Install CRDs in local cluster
This PR installs CSIDriver and CSINodeInfo CRDs in the
local cluster.

fixes: #70791
2019-01-18 08:16:31 -08:00
Jordan Liggitt
9229399bd6 Remove build/verify scripts for swagger 1.2 API docs, API server swagger ui / swagger 1.2 config 2019-01-15 13:33:06 -05:00
Antonin Stefanutti
f2dc1e2dc6
Use KUBECTL variable to create kube-apiserver-kubelet-admin clusterrolebinding 2018-12-12 19:16:28 +01:00
Jordan Liggitt
67849e6a94 secure kubelet in local-up-cluster 2018-12-04 00:15:01 -05:00
Pavithra Ramesh
6d7c5e90ed Removed .salt template , using .sed template
Removed default config options from yaml.
Removed unused yaml files
2018-11-13 18:33:34 -08:00
Pavithra Ramesh
73b548db06 Support running a nodelocal dns cache
This change includes the yaml files and gce startup script changes
to run this addon. It is disabled by default, can be enabled by setting
KUBE_ENABLE_NODELOCAL_DNS=true
An ip address is required for the cache instance to listen for
requests on, default is a link local ip address of value 169.254.25.10

addressed review comments, updated image location
Picked a different prometheus port so stats port is not same as the
coredns deployment

Removed the nodelocaldns-ready label.
Set memory limit to 30Mi
2018-11-12 14:54:20 -08:00
Jean-Francois Chevrette
c4ea93c42b update list of default admission plugins 2018-09-30 15:40:34 -04:00
Jean-Francois Chevrette
816c56b619 set default admission plugins on local-up-cluster.sh 2018-09-28 20:49:13 -04:00
k8s-ci-robot
9505330dc8
Merge pull request #69030 from zhangmingld/fixlocalup
fix allow-priviledge not work in local-up-cluster
2018-09-27 15:53:28 -07:00
k8s-ci-robot
3f01e09afe
Merge pull request #68970 from yue9944882/fixes-bsd-sed-compatibility
Fixes bsd / gnu sed compatibility for local-up-cluster script
2018-09-27 06:06:49 -07:00
k8s-ci-robot
9f681f0f6e
Merge pull request #68778 from xychu/add-reuse-certs
Add REUSE_CERT to skip creating new ca/cert files
2018-09-26 04:57:08 -07:00
zhangmingld
909677802e fix allow-priviledge not work in local-up-cluster 2018-09-25 17:07:18 +08:00
zuoxiu.jm
fbff5fd084 fixes bsd / gnu sed 2018-09-24 19:42:14 +08:00
Xiangyang Chu
f4d8aa1ca4 Update according to review comments.
Will rebase before merge
2018-09-20 16:45:28 +08:00
Xiangyang Chu
385d18d05e Add REUSE_CERT to skip creating new ca/cert files
It's maybe useful with PERSERVE_ETCD to run apiserver using existed
certs, so that service account secrets will keep valid.
2018-09-18 17:39:15 +08:00
Derek Carr
acdb1b0e98 Fix local-up-cluster when specifying CERT_DIR 2018-09-13 12:45:07 -04:00
Marian Lobur
3f730d4c25 Remove deprecated legacy audit logging code. 2018-08-23 12:08:54 +02:00
Kubernetes Submit Queue
24fa5edb60
Merge pull request #66739 from islinwb/ipvs_mods_check
Automatic merge from submit-queue (batch tested with PRs 66489, 66728, 66739). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

remove incomplete check of ipvs modules in hack/local-up-cluster.sh

**What this PR does / why we need it**:
Currently `hack/local-up-cluster.sh` executes `sudo modprobe -a ip_vs ip_vs_rr ip_vs_wrr ip_vs_sh nf_conntrack_ipv4` to check whether the ipvs required modules exist, which leaves out the scenario https://github.com/kubernetes/kubernetes/issues/63801 mentioned.
Since `func CanUseIPVSProxier` in  `pkg/proxy/ipvs/proxier.go` covers all scenarios, maybe we should just remove this part instead of adding codes.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-07-30 17:10:07 -07:00
Kubernetes Submit Queue
28b6fb5f7d
Merge pull request #66729 from dims/switch-off-leader-election-in-local-up-cluster
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Switch off leader election for scheduler and kube/cloud controller

**What this PR does / why we need it**:

We now have leader election on by default, for a single node
local-up-cluster, this is not needed. Let's switch it off

This will reduce the flakiness and timeouts we see in the local e2e CI jobs.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-07-28 13:26:17 -07:00
Kubernetes Submit Queue
91a1ed88de
Merge pull request #66723 from dims/enable-etcd-logging-in-local-e2e-jobs
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

enable etcd logging in local-e2e jobs

**What this PR does / why we need it**:

We are not saving the etcd logs and just redirecting the output
to /dev/null. In this change, we set ETCD_LOGFILE to the same
directory where we log other kube related processes.


**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:
See example run in http://gcsweb.k8s.io/gcs/kubernetes-jenkins/pr-logs/pull/66608/pull-kubernetes-local-e2e/254/artifacts/kubetest-local263115757/

**Release note**:

```release-note
NONE
```
2018-07-28 00:53:56 -07:00
Weibin Lin
2e79fd6954 remove incomplete check of ipvs modules in hack/local-up-cluster.sh 2018-07-28 14:43:42 +08:00
Davanum Srinivas
b42efcf63c
Switch off leader election for scheduler and kube/cloud controller
We now have leader election on by default, for a single node
local-up-cluster, this is not needed. Let's switch it off

Change-Id: I5cc4c3b9f74e318f378f239d1e8ee84603b3a6ef
2018-07-27 18:57:09 -04:00
Davanum Srinivas
b96969347d
Grab docker log using a soft link in local-up-cluster
Would be useful to debug problems like timeouts and missing images etc
for the local e2e jobs.

Change-Id: I959db8e189cafef0f6a80fc0b1d865d1cb7f1de7
2018-07-27 15:35:01 -04:00
Davanum Srinivas
d98c21e912
enable etcd logging in local-e2e jobs
We are not saving the etcd logs and just redirecting the output
to /dev/null. In this change, we set ETCD_LOGFILE to the same
directory where we log other kube related processes.

Change-Id: I719a941665b749b864f2efdcdfc7ddc7b2a61776
2018-07-27 14:50:40 -04:00
Jordan Liggitt
d98cbb2332
Disable initializers by default 2018-07-10 15:14:32 -04:00
Hemant Kumar
8db5328c4c Implement fixes for flexvolume when kubelet is containerized
Fix bug with nsenter root path
2018-07-03 14:04:52 -04:00
Kubernetes Submit Queue
f0c89c00a0
Merge pull request #65374 from jpeeler/warning-timestamp
Automatic merge from submit-queue (batch tested with PRs 60150, 65467, 65487, 65595, 65374). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add warning function that includes timestamp

Knowing when a process has terminated is helpful when looking through log files. The scenario that happened to me was that /tmp filled up, so as expected things failed. But I'd really like to know when things got bad without looking through 10G log files.

Release note:
```release-note
NONE
```
2018-06-28 19:15:19 -07:00
Jeff Peeler
ae271b4db0 Add warning function that includes timestamp
Knowing when a process has terminated is helpful when looking through
log files (especially very large ones). This also refactors the terminal
coloring function to be used with custom prefix and colors.

warning_log outputs red text in the current e2e inspired format:
W0628 16:58:26]: this is a test
2018-06-28 16:58:39 -04:00
Kubernetes Submit Queue
5e16fd5526
Merge pull request #57355 from gnufied/disable-keep-terminated-pod-volumes-default
Automatic merge from submit-queue (batch tested with PRs 65230, 57355, 59174, 63698, 63659). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

keep-terminated-pod-volumes should be false

This flag already has been marked as deprecated. We should avoid setting it in local clusters.

xref https://github.com/kubernetes/kubernetes/pull/47539
2018-06-19 20:19:12 -07:00
Hemant Kumar
9e1674d7f0 keep-terminated-pod-volumes should be false
Remove keep terminated volumes. The flag has already been
deprecated.
2018-06-07 09:48:28 -04:00
Kubernetes Submit Queue
36a3daa355
Merge pull request #61610 from rajansandeep/kubeupaddon
Automatic merge from submit-queue (batch tested with PRs 61610, 64591, 58143, 63929). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Create CoreDNS and kube-dns folders

**What this PR does / why we need it**:
Separate the CoreDNS and kube-dns manifests by creating their own folders (dns/coredns and dns/kube-dns) 

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #61435 

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
cc @MrHohn
2018-06-04 12:26:12 -07:00
m1093782566
674a31e4d6 remove ipvs feature gateway 2018-05-30 10:43:16 +08:00
Sandeep Rajan
753632d85b create coredns and kube-dns folders 2018-05-29 11:52:57 -04:00
Kubernetes Submit Queue
ad4b283ee9
Merge pull request #63151 from YonatanKiron/enable-local-cluster-port-range
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add optional flag of node port range

**What this PR does / why we need it**:
Add option of setting port range when using hack/local-up-cluster.sh
**Which issue(s) this PR fixes**
Inability to set port range flag

**Release note**:

```release-note
NONE
```
2018-05-21 20:45:32 -07:00
Yonatan Kiron
0b7b2de8c8 Add optional flag of node port range 2018-05-21 12:22:49 +03:00
Doug MacEachern
2dd3fbda0b Use absolute path for KUBECTL default in local up cluster
This avoids having to set the KUBECTL env var if local-up-cluster.sh is run outside of the repo root.
2018-05-09 16:25:59 -07:00
Kubernetes Submit Queue
b5f61ac129
Merge pull request #62657 from matthyx/master
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Update all script shebangs to use /usr/bin/env interpreter instead of /bin/interpreter

This is required to support systems where bash doesn't reside in /bin (such as NixOS, or the *BSD family) and allow users to specify a different interpreter version through $PATH manipulation.
https://www.cyberciti.biz/tips/finding-bash-perl-python-portably-using-env.html
```release-note
Use /usr/bin/env in all script shebangs to increase portability.
```
2018-05-02 19:44:32 -07:00
Davanum Srinivas
b44c68eb2e Hack for testing until test-infra/pull/7846 merges 2018-04-25 06:12:20 -04:00
Davanum Srinivas
f2959ab2b0 Support containerized kubelet in CI
* Adjust hyperkube Makefile to allow HYPERKUBE_BIN to be
    specified from outside

  * new DOCKER_ROOT variable to specify --root-dir and associated
    volume for kubelet to know where docker directory lives

  * Save the docker logs when we kill the kubelet container

  * Allow customized image for dockerized kubelet and build a Default
    image if one is not specified

  We should allow a custom build using script we have:
  `VERSION="latest" REGISTRY="k8s.gcr.io" hack/dev-push-hyperkube.sh`

  to be used quickly using DOCKERIZE_KUBELET. To do this we remove the
  hard coded `k8s.gcr.io/kubelet` image and introduce a new environment
  variable `KUBELET_IMAGE`.

  Note that we are switching to hyperkube from kubelet as we have a quick
  and easy script to build hyperkube image and load it into local docker
  daemon. This reduces bad hacks like `docker tag
  k8s.gcr.io/hyperkube-amd64:<tag> k8s.gcr.io/kubelet:latest` being used
  by folks today (see 62057)

  * Better cope with PID 0 when running "docker inspect" to look for
    the process id for kubelet container
2018-04-24 10:19:50 -04:00
Kubernetes Submit Queue
43a5c65979
Merge pull request #60085 from jpeeler/remove-podpreset
Automatic merge from submit-queue (batch tested with PRs 62726, 60085, 62583). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Remove podpreset in local up cluster

This was enabled in 6a7aca3129, but
shouldn't have been since the podpreset implementation is in the process
of being moved into service-catalog.

Release note:
```release-note
NONE
```
2018-04-19 11:00:18 -07:00
Matthias Bertschy
9b15af19b2 Update all script to use /usr/bin/env bash in shebang 2018-04-19 13:20:13 +02:00
Kubernetes Submit Queue
1ee2ac07c1
Merge pull request #60633 from pohly/local-up-cluster-enhancements
Automatic merge from submit-queue (batch tested with PRs 62445, 62768, 60633). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Local up cluster enhancements

**What this PR does / why we need it**:

Networking in a cluster brought up by hack/local-up-cluster.sh was broken because kube-proxy fails to start: connectivity to the Internet is okay, but anything involving communication among services (for example, starting cluster DNS) fails.

Debugging this took a while because there was no indication in the output of hack/local-up-cluster.sh that something had gone wrong. There were also some harmless "no such process" errors during cleanup.

The kube-proxy startup issue was fixed in parallel by PR #60431 but that fix turned out to be incomplete, so this PR uses a different approach, suppresses the harmless error messages (caused by a race) and also makes it more obvious when processes die by checking them regularly.

**Special notes for your reviewer**:

I used

     KUBE_ENABLE_CLUSTER_DNS=true NET_PLUGIN=kubenet hack/local-up-cluster.sh -O

to start the cluster. Check the kube-dns pod and its logs to see how kube-dns fails to communicate with the API server.

I've left out health checking of kubelet when run under Docker because that isn't something that I have used myself yet and I wanted to send the enhancements without further delays. I can try to add that later once you agree that such a health check is useful.

**Release note**:
```release-note
fix network setup in hack/local-up-cluster.sh (https://github.com/kubernetes/kubernetes/pull/60431)
better error diagnostics in hack/local-up-cluster.sh output
```
2018-04-18 12:25:12 -07:00
Kubernetes Submit Queue
b2f19b0d0d
Merge pull request #62057 from cofyc/fixlocalupscript
Automatic merge from submit-queue (batch tested with PRs 58784, 62057, 62621, 62652, 62656). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Update docker run flags for containerized kubelet in hack/local-up-cluster.sh

**What this PR does / why we need it**:

I'm working on https://github.com/kubernetes/kubernetes/issues/61741, and found `docker run` flags in `hack/local-up-cluster.sh` for kubelet container is too old.

- /var/lib/docker should be mount read-write, because kubelet needs to
  update /etc/resolv.conf file in container, see #29378
- /var/lib/kubelet should be mount shared, because mountpoints under
  this directory must be propagated to other containers
- `--pid=host` is needed to run `nsenter --mount=/rootfs/proc/1/ns/mnt -- /usr/bin/systemd-run --scope` correctly (don't know exact reason, but with `--pid=host`, it works)
- configure cluster dns for kubelet running in a container
- should propagate sub-mounts of / to kubelet for local volume

With this fix, we can start a local cluster with containerized kubelet.

```
# pull or build a hyperkube image first
docker tag k8s.gcr.io/hyperkube-amd64:<tag> k8s.gcr.io/kubelet:latest
export DOCKERIZE_KUBELET=y
./hack/local-up-cluster.sh
```

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

refer to: https://github.com/kubernetes/kubernetes-anywhere/blob/master/phase2/ignition/vanilla/kubelet.service.

**Release note**:

```release-note
NONE
```
2018-04-16 12:58:14 -07:00
Yecheng Fu
0f9b0beee7 Fix docker run flags and kubelet flags for containerized kubelet:
- /var/lib/docker should be mount read-write, because kubelet needs to
  update /etc/resolv.conf file in container, see #29378
- /var/lib/kubelet should be mount rslave, because mountpoints under
  this directory must be propagated to other containers
- `--pid=host` is needed to run `nsenter --mount=/rootfs/proc/1/ns/mnt -- /usr/bin/systemd-run --scope` correctly
- configure cluster dns for kubelet running in a container
- should propagate sub-mounts of / to kubelet for local volume
- Use rslave to mount /var/lib/docker/ so we can see what the host
  mounts under this path.
- Keep containerized kubelet flags same as non-containerized and check
  kubelet is running or not.
- Use `all_kubelet_flags` to share kubelet flags.
2018-04-14 11:15:24 +08:00
Jeff Peeler
d839053878 Remove podpreset in local up cluster
This was enabled in 6a7aca3129, but
shouldn't have been since the podpreset implementation is in the process
of being moved into service-catalog.
2018-04-13 17:39:27 -04:00
Patrick Ohly
731c92896b local-up-cluster: fix kube-proxy featureGates configuration
Commit 43cb024402 replaced command line parameters with a .yaml
configuration file. But feature gates must be configured with a map in
.yaml, not with a comma-separated string as in the command line
parameters. As a result, kube-proxy failed to start and networking was
broken in the cluster.

Commit c339fc0c4f tried to fix that by moving feature gates back to
the command line, but later it was found out that the command line
parameter gets ignored when also specifying a config.

Therefore now the feature gates variable gets converted into a proper
map in the config.
2018-04-12 17:55:09 +02:00
Patrick Ohly
9cf35f355b local-up-cluster: warn about failing processes
This helps developers detect when something went wrong and then also
points them in the right direction by showing where the corresponding
log file is, if there is one.

For example, since commit 43cb024402 in April 2017 kube-proxy failed
to start because featureGates was not set correctly in the .yaml file,
but no-one seems to have noticed this.
2018-04-12 17:55:09 +02:00
Patrick Ohly
426e4820bc local-up-cluster: avoid "No such process" messages when cleaning up
Killing processes in cleanup is racing with those processes
terminating by themselves when aborting local-up-cluster.sh with
CTRL-C. That leads to unnecessary error messages:

  ^CCleaning up...
  kill: (21592): No such process
  kill: (21586): No such process
2018-04-12 17:38:47 +02:00
Kubernetes Submit Queue
c70dd5aa43
Merge pull request #61584 from AkihiroSuda/preserve-etcd
Automatic merge from submit-queue (batch tested with PRs 59027, 62333, 57661, 62086, 61584). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

local-up-cluster.sh: support preserving etcd optionally

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>



**What this PR does / why we need it**:

Allow `hack/local-up-cluster.sh` to support preserve `ETCD_DIR` when `PRESERVE` is set to non-false value.

usage:
```
$ PRESERVE=true ETCD_DIR=/var/lib/etcd-kube-HEAD .... \
   ./hack/local-up-cluster.sh
```

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
(None)

**Special notes for your reviewer**:
(None)

**Release note**:

```release-note
None
```
2018-04-10 22:53:26 -07:00
Akihiro Suda
9ac411709a local-up-cluster.sh: support preserving etcd optionally
usage: PRESERVE_ETCD=true ETCD_DIR=/var/lib/etcd-kube-HEAD .... \
         ./hack/local-up-cluster.sh

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-04-10 17:18:19 +09:00
Ken'ichi Ohmichi
aa6e5c8d42 Make FAIL_SWAP_ON warning message clear
When operating local-up-cluster.sh to prepare e2e tests, the warning
message can be output. This commit makes the message clear.
2018-04-03 17:41:47 -07:00
Kubernetes Submit Queue
399b835f54
Merge pull request #61432 from filbranden/killrkt1
Automatic merge from submit-queue (batch tested with PRs 61904, 61565, 61401, 61432, 61772). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Remove rktnetes code

**What this PR does / why we need it**:
rktnetes is scheduled to be deprecated in 1.10 (#53601). According to the deprecation policy for beta CLI and flags, we can remove the feature in 1.11.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #58721

**Special notes for your reviewer**:

**Release note**:

```release-note
Removed rknetes code, which was deprecated in 1.10.
```

/assign @yujuhong 
/hold

Hold until the end of the freeze.
2018-03-29 11:46:19 -07:00
Davanum Srinivas
1f4246957f Allow curl --max-time to be configurable
In nested virtualized environments, the 1 second max-time is too
low. Just bumping up WAIT_FOR_URL_API_SERVER does not work unless
we bump up the max-time too. Let us just make it configurable like
so folks can customize to their environment.
2018-03-28 10:21:15 -04:00
Filipe Brandenburger
366ad30ab6 Remove references to rkt from shell scripts in cluster/ and hack/. 2018-03-27 09:29:35 -07:00
Kubernetes Submit Queue
d2cfe8c516
Merge pull request #60811 from dims/configure-shared-mount-to-avoid-conformance-test-failure
Automatic merge from submit-queue (batch tested with PRs 60980, 61273, 60811, 61021, 61367). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

prevent conformance test failure in DIND scenario

**What this PR does / why we need it**:

in the "ci-kubernetes-local-e2e" job, we are running local-up-cluster.sh
using DIND. We see failure for "HostPath should give a volume the
correct mode [Conformance]" test. The failure looks as follows:

linux mounts: path /tmp is mounted on / but it is not a shared or slave
mount


**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:
https://github.com/kubernetes/kubernetes/issues/61058#issuecomment-372764783

**Release note**:

```release-note
NONE
```
2018-03-22 02:08:19 -07:00
Kubernetes Submit Queue
0e3b344518
Merge pull request #61258 from hzxuzhonghu/cleanup-local-up-outdated
Automatic merge from submit-queue (batch tested with PRs 61124, 59537, 61235, 61258, 61114). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

remove outdated waiting apiserver comments in local-up-cluster.sh

**What this PR does / why we need it**:

Now secure port is used, remove outdated waiting for apiserver healthy comments in local-up-cluster.sh.


**Release note**:

```release-note
NONE
```
2018-03-21 08:39:27 -07:00
Davanum Srinivas
8fe04adab2 prevent conformance test failure in DIND scenario
in the "ci-kubernetes-local-e2e" job, we are running local-up-cluster.sh
using DIND. We see failure for "HostPath should give a volume the
correct mode [Conformance]" test. The failure looks as follows:

linux mounts: path /tmp is mounted on / but it is not a shared or slave
mount
2018-03-19 20:25:36 -04:00
hzxuzhonghu
eb71817f7b remove outdated comments 2018-03-16 11:24:20 +08:00
Walter Fender
07ba609b50 Fix local cluster leaking memory.
Local cluster is leaking memory due to mutation detector being enabled.
In addition there is no warning in the logs that this could be the
issue.
Added a log warning when this feature is enabled to make debugging this
issue easier for other cases of this.
Fixed import ordering as per @liggitt
2018-03-06 13:44:11 -08:00
Kubernetes Submit Queue
744b5d3357
Merge pull request #60431 from dims/use-feature-gates-on-kube-proxy-command-line
Automatic merge from submit-queue (batch tested with PRs 59365, 60446, 60448, 55019, 60431). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Use feature-gates command line for kube-proxy

**What this PR does / why we need it**:

Avoid throwing `featureGates:` into the kube-proxy yaml, since it's
not in the right format. It should be

```
    featureGates:
      AllAlpha: true
```

Since FEATURES_GATES is set to `AllAlpha=true`, we can't just throw that
into the yaml file. Just pass along FEATURES_GATES in the command line
instead just like we do for all other services

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #60426

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-02-27 10:50:49 -08:00
Davanum Srinivas
42cc24e68d Better PROXY_LOG and verbosity in the command line
`>"${PROXY_LOG}"` was in the wrong spot
2018-02-26 16:29:31 +00:00
Davanum Srinivas
c339fc0c4f Use feature-gates command line for kube-proxy
Avoid throwing `featureGates:` into the kube-proxy yaml, since it's
not in the right format. It should be

```
    featureGates:
      AllAlpha: true
```

Since FEATURES_GATES is set to `AllAlpha=true`, we can't just throw that
into the yaml file. Just pass along FEATURES_GATES in the command line
instead just like we do for all other services
2018-02-26 09:03:39 -07:00
Davanum Srinivas
d71b7a8d7d Support Running local-up-cluster in CI 2018-02-24 21:53:51 -05:00
pospispa
19432d212a StorageProtection Brought to Beta in 1.10 Release
PVCProtection feature was renamed to Storage Protection in:
https://github.com/kubernetes/kubernetes/pull/58743
That's why it's renamed when brought into beta.

In addition, StorageProtection feature is brought into beta in 1.10 release.
2018-02-21 16:05:43 +01:00
Rohit Ramkumar
ab53cb2429 Move ipvs module loading logic 2018-02-16 11:43:02 -08:00
Davanum Srinivas
692f2ec305 Standardize on KUBE_PROXY_MODE (not KUBEPROXY_MODE)
There's a disconnect between 12d4eac038
and the earlier a6af827898. One says
KUBEPROXY_MODE and another says KUBE_PROXY_MODE. Let's just pick one.
Currently we fail with the following error:

hack/local-up-cluster.sh: line 808: KUBEPROXY_MODE: unbound variable
2018-02-14 21:26:54 -05:00
Kubernetes Submit Queue
cca7ccbff1
Merge pull request #59530 from rramkumar1/ipvs-plumbing
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add a new environment variable to the gce startup scripts called KUBE_PROXY_MODE

**What this PR does / why we need it**:
This PR adds a new environment variable called KUBE_PROXY_MODE to the startup scripts for gce. This variable will allow a user to specify the kube-proxy implementation they want to use, with the choices being ipvs or iptables (iptables is default). 

Next steps:

1. Need to remove use of feature gateway when IPVS goes GA
2. Need to add logic of loading required ipvs kernel modules in the scripts 

Question: If the proxier is IPVS, is it necessary to have the iptables sync period flags? 

**Release note**:
```release-note
None
```
2018-02-13 17:45:32 -08:00
Davanum Srinivas
9238f38400 local-up-cluster.sh should be conformant out-of-the-box
rename ALLOW_SECURITY_CONTEXT to DENY_SECURITY_CONTEXT_ADMISSION to be
in line with the other admission plugins (like PSP_ADMISSION). Make
sure by default, this plugin is not  enabled as well.
2018-02-13 13:08:08 -05:00
Rohit Ramkumar
12d4eac038 Add a new environment variable to the startup scripts called
KUBE_PROXY_MODE
2018-02-08 15:10:07 -08:00
Kubernetes Submit Queue
b9361192b8
Merge pull request #59280 from dims/allow-custom-cloud-controller-manager
Automatic merge from submit-queue (batch tested with PRs 57824, 58806, 59410, 59280). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Ability to run an external binary instead of hyperkube cloud-controller-manager

**What this PR does / why we need it**:

Since we want folks to test their own binaries, let's allow
a way for them to specify a custom binary.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-02-08 03:29:42 -08:00
Kubernetes Submit Queue
fb340a4695
Merge pull request #57824 from thockin/gcr-vanity
Automatic merge from submit-queue (batch tested with PRs 57824, 58806, 59410, 59280). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

2nd try at using a vanity GCR name

The 2nd commit here is the changes relative to the reverted PR.  Please focus review attention on that.

This is the 2nd attempt.  The previous try (#57573) was reverted while we
figured out the regional mirrors (oops).
    
New plan: k8s.gcr.io is a read-only facade that auto-detects your source
region (us, eu, or asia for now) and pulls from the closest.  To publish
an image, push k8s-staging.gcr.io and it will be synced to the regionals
automatically (similar to today).  For now the staging is an alias to
gcr.io/google_containers (the legacy URL).
    
When we move off of google-owned projects (working on it), then we just
do a one-time sync, and change the google-internal config, and nobody
outside should notice.
    
We can, in parallel, change the auto-sync into a manual sync - send a PR
to "promote" something from staging, and a bot activates it.  Nice and
visible, easy to keep track of.

xref https://github.com/kubernetes/release/issues/281

TL;DR:
  * The new `staging-k8s.gcr.io` is where we push images.  It is literally an alias to `gcr.io/google_containers` (the existing repo) and is hosted in the US.
  * The contents of `staging-k8s.gcr.io` are automatically synced to `{asia,eu,us}-k8s.gcr.io`.
  * The new `k8s.gcr.io` will be a read-only alias to whichever regional repo is closest to you.
  * In the future, images will be promoted from `staging` to regional "prod" more explicitly and auditably.

 ```release-note
Use "k8s.gcr.io" for pulling container images rather than "gcr.io/google_containers".  Images are already synced, so this should not impact anyone materially.
    
Documentation and tools should all convert to the new name. Users should take note of this in case they see this new name in the system.
```
2018-02-08 03:29:32 -08:00
Tim Hockin
3586986416 Switch to k8s.gcr.io vanity domain
This is the 2nd attempt.  The previous was reverted while we figured out
the regional mirrors (oops).

New plan: k8s.gcr.io is a read-only facade that auto-detects your source
region (us, eu, or asia for now) and pulls from the closest.  To publish
an image, push k8s-staging.gcr.io and it will be synced to the regionals
automatically (similar to today).  For now the staging is an alias to
gcr.io/google_containers (the legacy URL).

When we move off of google-owned projects (working on it), then we just
do a one-time sync, and change the google-internal config, and nobody
outside should notice.

We can, in parallel, change the auto-sync into a manual sync - send a PR
to "promote" something from staging, and a bot activates it.  Nice and
visible, easy to keep track of.
2018-02-07 21:14:19 -08:00
Davanum Srinivas
8c4ddf6fcd Better timeout in slower virtual machines
60 seconds seems to work better in slower boxes
2018-02-06 16:57:17 -05:00
Davanum Srinivas
a9473cb6b9 Ability to run an external binary instead of hyperkube cloud-controller-manager
Since we want folks to test their own binaries, let's allow
a way for them to specify a custom binary.
2018-02-05 16:03:56 -05:00
Davanum Srinivas
a40e167f39 remove alpha when running cloud-controller-manager with hyperkube 2018-01-31 11:53:57 -05:00
Kubernetes Submit Queue
9e2878d93c
Merge pull request #58567 from hzxuzhonghu/admission-01
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

kube-apiserver flag --admission-control is deprecated, use the new --e…

…nable-admission-plugins



**What this PR does / why we need it**:

1. As #58123 marks kube-apiserver flag `admission-control` deprecated, replace it in some places.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
/assign @liggitt @deads2k @sttts
2018-01-30 09:21:38 -08:00
Kubernetes Submit Queue
d8f32b2917
Merge pull request #58968 from deads2k/server-07-deadarg
Automatic merge from submit-queue (batch tested with PRs 58955, 58968, 58971, 58963, 58298). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

remove --tls-ca-file which had no effect

The flag has had no effect since we started configuring loopback based on the direct cert.  I've marked it deprecated this release so we don't break launch scripts right away, but it's coming.  I think we should remove it in 1.11.


```release-note-action-required
kube-apiserver flag --tls-ca-file has had no effect for some time.  It is now deprecated and slated for removal in 1.11.  If you are specifying this flag, you must remove it from your launch config before upgrading to 1.11.
```
2018-01-29 13:48:42 -08:00
Davanum Srinivas
a264991dfe fix parameter advertise_address should be --advertise-address 2018-01-29 11:14:52 -05:00
David Eads
114711f77d remove --tls-ca-file which had no effect 2018-01-29 10:31:37 -05:00
hzxuzhonghu
0a230fad17 kube-apiserver flag --admission-control is deprecated, use the new --enable-admission-plugins 2018-01-24 20:47:54 +08:00
Davanum Srinivas
23fb34ff5d fix provider-id bad param in local-up-cluster
mea culpa .. provider-id should be in kubelet not controller manager
2018-01-19 16:49:40 -05:00
Davanum Srinivas
f2093f1da3 Enable --external-cloud-volume-plugin/--provider-id for local-up-cluster
See the following commit for more information about the
--external-cloud-volume-plugin flag:
070a7b5823

We need this flag for EXTERNAL_CLOUD_PROVIDER flag to work properly with
volume plugins

Also add --provider-id defaulting to hostname as we seem to pick
up the ip address otherwise causing problem with looking up the
node in the cloud provider
2018-01-17 22:10:54 -05:00
Scott Creeley
8b5f293b3d fix for local-up-cluster.sh bad cloud_config_arg 2018-01-10 10:21:44 -05:00
Davanum Srinivas
77c71170eb Add support for cloud-controller-manager in local-up-cluster.sh
We need an easy way to test the new external cloud provider. So
let's keep the existing CLOUD_PROVIDER and CLOUD_CONFIG as-is and
add a flag EXTERNAL_CLOUD_PROVIDER to run a separate process.
2018-01-08 07:04:29 -05:00
Tim Hockin
e9dd8a68f6 Revert k8s.gcr.io vanity domain
This reverts commit eba5b6092a.

Fixes https://github.com/kubernetes/kubernetes/issues/57526
2017-12-22 14:36:16 -08:00
Kubernetes Submit Queue
db9029324f
Merge pull request #57101 from php-coder/local_up_cluster_daemon_msgs
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

local-up-cluster.sh: improve messages when running with ENABLE_DAEMON=true

**What this PR does / why we need it**:
Don't suggest to use `Ctrl+C` or open up another terminal when the script was running with `ENABLE_DAEMON=true`.

**Release note**:
```release-note
NONE
```

CC @simo5
2017-12-21 11:23:03 -08:00
Slava Semushin
9d34fee57c hack/local-up-cluster.sh: improve messages when script was running with ENABLE_DAEMON=true 2017-12-21 12:24:54 +01:00
Kubernetes Submit Queue
324991bd67
Merge pull request #56274 from surajssd/enable-podpreset-localup-cluster
Automatic merge from submit-queue (batch tested with PRs 57292, 56274, 57435, 57438, 57429). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

enable podpreset by default in local up cluster

**What this PR does / why we need it**:

This PR enables PodPreset in Admission control and also for that
to work on the apiserver level enables the API group
settings.k8s.io/v1alpha1.

**Release note**:

```release-note
NONE
```
2017-12-20 22:16:43 -08:00
Tim Hockin
eba5b6092a Use k8s.gcr.io vanity domain for container images 2017-12-18 09:18:34 -08:00
Kubernetes Submit Queue
6c5f0799bd
Merge pull request #56200 from stewart-yu/testPriority
Automatic merge from submit-queue (batch tested with PRs 56217, 56268, 56263, 56328, 56200). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

export ENABLE_POD_PP=true to enable Pod priority and preemption

**What this PR does / why we need it**:
Though pod priority and preemption is disabled by default in Kubernetes 1.8, it takes too many steps if you want to enable the feature manually. It is important to enable it in `local-up` cluster by `export` variable.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes [#](https://github.com/kubernetes/kubeadm/issues/554)

**Special notes for your reviewer**:
cc @shashidharatd @sttts @lavalamp

**Release note**:

```release-note
NONE
```
2017-12-14 23:37:51 -08:00
Suraj Deshmukh
6a7aca3129 enable podpreset by default in local up cluster
This commit enables PodPreset in Admission control and also for that
to work on the apiserver level enables the API group
settings.k8s.io/v1alpha1.
2017-12-06 14:37:01 +05:30
Kubernetes Submit Queue
23e67142c1
Merge pull request #56687 from sttts/sttts-enable-admissionregistration
Automatic merge from submit-queue (batch tested with PRs 55360, 56444, 56687, 56791, 56802). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

kube-apiserver: enable admissionregistration v1beta1 api by default

We have this enabled in the GCE cluster and in local-cluster-up, but forgot to switch the default. If we want people to use this feature by default in production clusters, we better enable the API.

Moreover, this PR fixes that beta works without alpha.

```release-note
Enable admissionregistration.k8s.io/v1beta1 by default in kube-apiserver.
```
2017-12-04 13:40:16 -08:00
Dr. Stefan Schimanski
3f7c762648 kube-apiserver: enable admission registration v1beta by default 2017-12-01 12:14:07 +01:00
Marcin Maciaszczyk
a8bf90f85e Update Dashboard add-on to version 1.8.0 2017-11-28 17:53:02 +01:00
stewart-yu
e0edce33ef export ENABLE_POD_PRIORITY_PREEMPTION=true to enable Pod priority and preemption 2017-11-24 18:57:40 +08:00
Chao Xu
8e8e32fa05 move the MutatingAdmissionWebhook to the last in the mutating admission
plugin chain.
2017-11-22 08:55:16 -08:00
Chao Xu
0dab236c05 fix hack/local-cluster-up.sh 2017-11-21 13:00:40 -08:00
Chao Xu
d3c0765780 Rename GenericAdmissionWebhook to ValidatingAdmissionWebhook 2017-11-18 17:30:23 -08:00
Kubernetes Submit Queue
07b8e2962c
Merge pull request #55891 from jsafrane/local-scheduler-features
Automatic merge from submit-queue (batch tested with PRs 54556, 55379, 55881, 55891, 55705). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

local-up-cluster.sh should start scheduler with FEATURE_GATES

Scheduler is currently started without any feature gates. It should use the same features as the rest of local cluster.

**Release note**:

```release-note
NONE
```
2017-11-18 07:53:46 -08:00