Automatic merge from submit-queue
simplify if and else for code
Signed-off-by: allencloud <allen.sun@daocloud.io>
**What this PR does / why we need it**:
This PR tries to simplify the code of if and else, and this could make code a little bit cleaner.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
NONE
**Special notes for your reviewer**:
NONE
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Timeout and Max-in-flight don't report non-resource URLs correctly.
Unify error reporting for 429 and 504 to be correct for timeout and max in flight and eviction. Add better messages to eviction (removing a todo). Return the correct body content for timeouts (reason and code should be correct).
This potentially increases cardinality of 429, but because non-api urls may be under the max-inflight budget we need to report them somewhere (if something breaks and starts fetching API versions endlessly).
```release-note
The 504 timeout error was returning a JSON error body that indicated it was a 500. The body contents now correctly report a 500 error.
```
Automatic merge from submit-queue (batch tested with PRs 48487, 49009, 49862, 49843, 49700)
fix swallowed error in kubectl rolling_updater
This fixes a swallowed error in kubectl.
AddDeploymentKeyToReplicationController() is already tested, but there was an error that was not being exposed.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48487, 49009, 49862, 49843, 49700)
add label examples for kubectl run
**What this PR does / why we need it**:
Add `--labels` examples for kubectl run
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
xref #49854
**Special notes for your reviewer**:
/cc @ahmetb
**Release note**:
```release-note
add examples for kubectl run --labels
```
Automatic merge from submit-queue
go-client: Use httpcache client for all requests, even though only openapi returns ETags for caching
**What this PR does / why we need it**: Use HTTP ETag for caching Swagger spec download
This also adds a new command-line flag "cachedir" to specify where the cache should keep its file. It defaults to `$HOME/.kube/http-cache`.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: partly #38637
**Special notes for your reviewer**:
Because this adds a bunch of dependencies, and removes a couple of files, I do recommend reading each commit individually.
**Release note**:
```release-note
```
Automatic merge from submit-queue
Update OWNERS to correct members' handles
**What this PR does / why we need it**:
Fix some typos of members' handles as per https://github.com/kubernetes/kubernetes/issues/50048#issuecomment-319831957.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Associated with: #50048
**Special notes for your reviewer**:
/cc @madhusudancs @sebgoa @liggitt @saad-ali
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 50119, 48366, 47181, 41611, 49547)
Task 0: Added node taints labels and feature flags
**What this PR does / why we need it**:
Added node taint const for node condition.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: part of #42001
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 50119, 48366, 47181, 41611, 49547)
Move remaining cert helper functions from pkg/serviceaccount to client-go/util/cert
**What this PR does / why we need it**:
Unifies all remaining certificate helper functions from pkh/serviceaccount to client-go/util/cert. Private key functions were moved in #40907
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#40807
**Special notes for your reviewer**:
**Release note**:
Automatic merge from submit-queue (batch tested with PRs 50119, 48366, 47181, 41611, 49547)
Fail on swap enabled and deprecate experimental-fail-swap-on flag
**What this PR does / why we need it**:
* Deprecate the old experimental-fail-swap-on
* Add a new flag fail-swap-on and set it to true
Before this change, we would not fail when swap is on. With this
change we fail for everyone when swap is on, unless they explicitly
set --fail-swap-on to false.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Fixes#34726
**Special notes for your reviewer**:
**Release note**:
```release-note
Kubelet will by default fail with swap enabled from now on. The experimental flag "--experimental-fail-swap-on" has been deprecated, please set the new "--fail-swap-on" flag to false if you wish to run with /proc/swaps on.
```
Automatic merge from submit-queue
kube-gen: cut off dependencies
Only gengo is left and apimachinery/pkg/openapi. The later will go away when #48861 merges.
This is the preparation that we can use kube-gen also from apimachinery without circular dependencies.
Requires a separate transport that is guaranteed not to be HTTP/2 for
exec/attach/portforward, because otherwise the Go client attempts to
upgrade us to HTTP/2 first.
Automatic merge from submit-queue
kubelet: remove code for handling old pod/containers paths
**What this PR does / why we need it**:
This PR removes the code for handling the paths that has been deprecated for a long time.
**Release note**:
```release-note
NONE
```
CC @simo5
Automatic merge from submit-queue (batch tested with PRs 46685, 49863, 50098, 50070, 50096)
Remove 0,1,3 from rand.String to avoid 'bad words'
**What this PR does / why we need it**:
Remove 0,1,3 from the runes to prevent accidental bad words profanity
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49543
**Special notes for your reviewer**:
/cc @mml @jamesawebb1 @spiffxp
**Release note**:
```release-note
Remove 0,1,3 from rand.String, to avoid 'bad words'
```
Automatic merge from submit-queue (batch tested with PRs 48237, 50084, 50019, 50069, 50090)
create default storage selection functions
The vast majority of our REST storage needs either default selection predicates or minor tweaks the the field selection criteria. This pull makes that work without any special fields set, but also allows the more complex configuration where it is required. I only changed one storage an example. Once this merges, I'll update the others.
@kubernetes/sig-api-machinery-misc @wojtek-t @smarterclayton @sttts @cheftako ptal.
Automatic merge from submit-queue (batch tested with PRs 50103, 49677, 49449, 43586, 48969)
Adding IPv6 to cidr_set and cidr_set_test
**What this PR does / why we need it**:
This allows IPv6 in cidr_set
Currently cidr_set only supports IPv4. This adds IPv6 compatibility and adds
IPv6 unit tests.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#43588
**Special notes for your reviewer**:
The IPv6 code here makes some assumptions.
The subnets should be at least /64. (maximum 64 bits of prefix)
The subnet mask size cannot be greater than 30 more than the cluster mask size.
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 50103, 49677, 49449, 43586, 48969)
Do not try to run preStopHook when the gracePeriod is 0
**What this PR does / why we need it**:
1. Sometimes when the user force deletes a POD with no gracePeriod, its possible that kubelet attempts to execute the preStopHook which will certainly fail. This PR prevents this inavitable PreStopHook failure.
```
kubectl delete --force --grace-period=0 po/<pod-name>
```
2. This also adds UT for LifeCycle Hooks
```
time go test --cover -v --run "Hook" ./pkg/kubelet/kuberuntime/
.
.
.
--- PASS: TestLifeCycleHook (0.00s)
--- PASS: TestLifeCycleHook/PreStop-CMDExec (0.00s)
--- PASS: TestLifeCycleHook/PreStop-HTTPGet (0.00s)
--- PASS: TestLifeCycleHook/PreStop-NoTimeToRun (0.00s)
--- PASS: TestLifeCycleHook/PostStart-CmdExe (0.00s)
PASS
coverage: 15.3% of statements
ok k8s.io/kubernetes/pkg/kubelet/kuberuntime 0.429s
```
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```
Do not try to run preStopHook when the gracePeriod is 0
```
Automatic merge from submit-queue (batch tested with PRs 50103, 49677, 49449, 43586, 48969)
Add missing UID in SubjectAccessReviewSpec
**What this PR does / why we need it**:
WebhookAuthorizer's Authorize should send *all* the information
present in the user.Info data structure. We are not sending the
UID currently.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
The SubjectAccessReview API in the authorization.k8s.io API group now allows providing the user uid.
```
Automatic merge from submit-queue (batch tested with PRs 50103, 49677, 49449, 43586, 48969)
[Bug Fix] Fix updating LastHeartbeatTime for the OutOfDisk node condition.
Fixes#50058. #49841 for some (currently unknown) reason did not correctly update LastHeartbeatTime, causing OutOfDisk to be marked unknown.
I have not found the reason for this yet. This change makes the setNodeOODCondition method nearly identical to the other conditions (e.g. [setNodeMemoryPressureCondition](https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/kubelet_node_status.go#L741)).
I have started a cluster with this change, and all nodes have been reporting `Ready` for 25 minutes.
- Move public key functions to client-go/util/cert
- Move pki file helper functions to client-go/util/cert
- Standardize on certutil package alias
- Update dependencies to client-go/util/cert
Automatic merge from submit-queue
Increase default value of apps/v1beta2 DeploymentSpec.RevisionHistoryLimit to 10
**What this PR does / why we need it**:
All controllers that use the `RevisionHistoryLimit` field have a default value of 10 for the field, except for `Deployment`, which has a default of 2. We should increase it to 10 for consistency on its default value across controllers.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49913
**Special notes for your reviewer**:
/cc @janetkuo @foxish @liyinan926
**Release note**:
```release-note
Increase default value of apps/v1beta2 DeploymentSpec.RevisionHistoryLimit to 10
```
Automatic merge from submit-queue
Fix incorrect owner in OWNERS
**What this PR does / why we need it**:
typo: yuyuhong --> yujuhong
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
https://github.com/kubernetes/kubernetes/issues/50048#issuecomment-319846621
**Special notes for your reviewer**:
/assign @yujuhong
I don't know whether you can approve this PR or not in such case 😄
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Moved node condition check into Predicats.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: partially fixes#42001
**Release note**:
```release-note
None
```
Automatic merge from submit-queue
Switch from package syscall to golang.org/x/sys/unix
**What this PR does / why we need it**:
The syscall package is locked down and the comment in https://github.com/golang/go/blob/master/src/syscall/syscall.go#L21-L24 advises to switch code to use the corresponding package from golang.org/x/sys. This PR does so and replaces usage of package syscall with package golang.org/x/sys/unix where applicable. This will also allow to get updates and fixes
without having to use a new go version.
In order to get the latest functionality, golang.org/x/sys/ is re-vendored. This also allows to use Eventfd() from this package instead of calling the eventfd() C function.
**Special notes for your reviewer**:
This follows previous works in other Go projects, see e.g. moby/moby#33399, cilium/cilium#588
**Release note**:
```release-note
NONE
```
