Automatic merge from submit-queue (batch tested with PRs 38284, 38403, 38265)
Fix local up cluster dns with RBAC
The DNS server needs permissions to run using RBAC. This does it with a big hammer before we sort out tight permissions.
@fabianofranz for the CLI change
@xilabao for the local-up-cluster change
Automatic merge from submit-queue
Add ResolveImage function to CLI factory
This functions helps to integrate third-party mechanism for resolving the image names. For example, this function can be used in OpenShift to add support for resolving the ImageStreamTag and ImageStreamImage.
See: https://github.com/openshift/origin/pull/10995
Automatic merge from submit-queue (batch tested with PRs 38354, 38371)
Add GetOptions parameter to Get() calls in client library
Ref #37473
This PR is super mechanical - the non trivial commits are:
- Update client generator
- Register GetOptions in batch/v2alpha1 group
Automatic merge from submit-queue (batch tested with PRs 38278, 37770)
Refactor REST storage to use generic defaults
This removes the repetition in the REST storage builders by moving the logic to `restoptions.ApplyOptions`. `registry.StorageWithCacher`/`generic.StorageDecorator` no longer assume that they can build the `keyFunc` for arbitrary objects. `restoptions.ApplyOptions` uses the `registry.Store`'s `KeyFunc` for its call to `generic.StorageDecorator`.
```release-note
Cluster federation servers have changed the location in etcd where federated services are stored, so existing federated services must be deleted and recreated. Before upgrading, export all federated services from the federation server and delete the services. After upgrading the cluster, recreate the federated services from the exported data.
```
Automatic merge from submit-queue (batch tested with PRs 38432, 36887, 38415)
Update client status generator to not use json tags
fixes dependence on json tags in internal versions and drives the generation of UpdateStatus based on type comments
caught a type we were missing an UpdateStatus for
Automatic merge from submit-queue (batch tested with PRs 38432, 36887, 38415)
Add --image-pull-stuck-timeout option to kubelet
In this PR, add --image-pull-stuck-time option to specify the stuck timeout for pulling image.
When docker extracts image layer, there is no progress. The progress will exceed 1m if the layer is big or system is busy. It happend in our cluster, so I add above option to specify the timeout.
Related error log:
<pre>
[... kube_docker_client.go:29] Cancel pulling image "our_registry/demo/test" because of no progress for 1m0s, latest progress "c914ad57d670": Extracting [==================>] 513.5 MB/513.5MB"
[... docker_manager.go:2254] container start failed: ErrImagePull: net/http: request canceled
</pre>
Automatic merge from submit-queue (batch tested with PRs 36736, 35956, 35655, 37713, 38316)
Ae/fix2
**What this PR does / why we need it**: Fixes some kubelet typos
**Release note**:
`None`
Automatic merge from submit-queue (batch tested with PRs 36736, 35956, 35655, 37713, 38316)
Optimize port_split_test test case.
The `normalized` field doesn't take affect in current test case.
This PR:
1. initializes valid and normalized cases with normalized=true.
2. adds some invalid cases.
@resouer Thanks!
Automatic merge from submit-queue (batch tested with PRs 36736, 35956, 35655, 37713, 38316)
delete one testcase from json_test.go for duplicated data
in json_test.go there are 2 duplicated tesecases. Here I'm going to delete one of them. Please review for this. thanks!
Automatic merge from submit-queue (batch tested with PRs 38413, 37164)
Remove chatty "waiting for pod" msg from kubectl run
Attacking #28695 one step at a time
Signed-off-by: Doug Davis <dug@us.ibm.com>
Its unnecessary to print the message when the user asked for it.
We should only show a msg (error) when we didn't do what they asked.
Also showing this in a "kubectl run" is bad because it then
gets appended to the user's output and they would then have to strip
it off if they want to use the output in some follow-on processing.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Automatic merge from submit-queue (batch tested with PRs 36419, 38330, 37718, 38244, 38375)
Kubelet: Add image cache.
Fixes#38373.
This should be patched into 1.5.1 to solve the customer issue.
@yujuhong
/cc @kubernetes/sig-node
Automatic merge from submit-queue (batch tested with PRs 36419, 38330, 37718, 38244, 38375)
Let DirectEncoder take a hint of what gvk to set during its construction
Fix https://github.com/kubernetes/kubeadm/issues/52.
The issue was that when the kubeadm binary executed `c.Extensions().Deployments().Delete(&v1.DeleteOptions{})`, the DeleteOptions.APIVersion is set as `kubeadm.k8s.io/v1alpha` in the serialized format. API server couldn't decode that.
With this PR, `DeleteOptions.APIVersion` will be set to `extensions.v1beta1` in the serialized format.
cc @mikedanese @luxas
@kubernetes/sig-api-machinery
Automatic merge from submit-queue (batch tested with PRs 36071, 32752, 37998, 38350, 38401)
Pass addressable values to DeepCopy
Extracted from https://github.com/kubernetes/kubernetes/pull/35728
These are the places we are currently calling DeepCopy incorrectly, and we need to fix, even if we don't pick up the changes to DeepCopy in #35728:
* creating a new cloner means we have no generated functions registered
* passing non-addressable values doesn't pick up generated deep copy functions, and forces us into reflective mode
Automatic merge from submit-queue (batch tested with PRs 36071, 32752, 37998, 38350, 38401)
Add test for concurrent evictions requests
This is a followup PR after #37668.
Add a test case to make sure concurrent eviction requests can be handled.
@davidopp @lavalamp
Automatic merge from submit-queue (batch tested with PRs 36071, 32752, 37998, 38350, 38401)
Allow a selector when retrieving logs
#19873
initial commit to see if I am headed in the right direction.
Its missing all the test cases, but the selector path works.
Automatic merge from submit-queue
fix local resource output when `-f` not specified
**Release note**:
```release-note
release-note-none
```
`kubectl set image` does not have a `--dry-run` option. Although it offers a
`--local` flag, it does not support server request, limiting input to that of stdin
or that of a local file.
This patch adds a `--dry-run` option to the `kubectl set image` command,
allowing for resources from the server to be selected, without making any
mutations.
cc @ncdc
Related PR: https://github.com/kubernetes/kubernetes/pull/36174
Automatic merge from submit-queue
Fix unmountDevice issue caused by shared mount in GCI
This is a fix on top #38124. In this fix, we move the logic to filter
out shared mount references into operation_executor's UnmountDevice
function to avoid this part is being used by other types volumes such as
rdb, azure etc. This filter function should be only needed during
unmount device for GCI image.
Automatic merge from submit-queue (batch tested with PRs 36310, 37349, 38319, 38402, 38338)
Fix space issue in volumePath with vSphere Cloud Provider
I tried to create a kubernetes deployment with vSphere volume with volume path
"[datastore] kubevols/redis-master".
In this case the cloud provider queries the getDeviceNameFromMount() to return the path of the volume mounted. Since getDeviceNameFromMount() queries the filesystem to get the mount references, it returns a volume path "[datastore]\\040kubevols/redis-master". Later the kubelet searches for this volume path in both the actual and desired states. Th actual and desired states contains volume with path "[datastore] kubevols/redis-master". So, it couldn't find such volume path and therefore kubernetes stalls unable to make any progress further similar to one described in #37022.
This PR will fix the space issue in volume path by replacing \\040 to empty space. This fixes#37712.
Also fixes#38148
@kerneltime @pdhamdhere
This is a fix on top #38124. In this fix, we move the logic to filter
out shared mount references into operation_executor's UnmountDevice
function to avoid this part is being used by other types volumes such as
rdb, azure etc. This filter function should be only needed during
unmount device for GCI image.
Adding the `privileged` bool to the sandbox allows runtimes, like rkt,
to make better security choices in some cases.
This also enumerates what "privileged" actually means and how it
interacts with other options (or more accurately, does not).
The documentation closely matches docker's current behavior because, so
far, that's what privileged has meant.
Automatic merge from submit-queue
kubedns: use initial resource listing as ready signal
Fix#35140.
Set up the ready signal after the first resource listing finished for both endpoints and services instead of listen on kubernetes service.
@bprashanth @bowei @thockin
**Release note**:
```
```
