Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix namespace miss bug
**What this PR does / why we need it**:
This patch fixes the namespace miss problems.
I am not sure if this is the correct way it should be fixed.
Just offer a solution.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62059
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Support containerized kubelet in CI
**What this PR does / why we need it**:
* Adjust hyperkube Makefile to allow HYPERKUBE_BIN to be
specified from outside
* new DOCKER_ROOT variable to specify --root-dir and associated
volume for kubelet to know where docker directory lives
* Save the docker logs when we kill the kubelet container
* Allow customized image for dockerized kubelet and build a Default
image if one is not specified
We should allow a custom build using script we have:
`VERSION="latest" REGISTRY="k8s.gcr.io" hack/dev-push-hyperkube.sh`
to be used quickly using DOCKERIZE_KUBELET. To do this we remove the
hard coded `k8s.gcr.io/kubelet` image and introduce a new environment
variable `KUBELET_IMAGE`.
Note that we are switching to hyperkube from kubelet as we have a quick
and easy script to build hyperkube image and load it into local docker
daemon. This reduces bad hacks like `docker tag
k8s.gcr.io/hyperkube-amd64:<tag> k8s.gcr.io/kubelet:latest` being used
by folks today (see 62057)
* Better cope with PID 0 when running "docker inspect" to look for
the process id for kubelet container
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60890, 63244, 60741, 63254). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add name output and verb filtering to api-resources
This allows `kubectl api-resources -o name` to be used as input to `kubectl get ...`
to see all resources still existing in a given namespace:
Example:
```sh
kubectl api-resources --verbs=list --namespaced -o name | xargs -n 1 kubectl get -o name -n foo
```
Release note:
```release-note
`kubectl api-resources` now supports filtering to resources supporting specific verbs, and can output fully qualified resource names suitable for combining with commands like `kubectl get`
```
Automatic merge from submit-queue (batch tested with PRs 63251, 59166, 63250, 63180, 63169). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Break a generic package dependency to core/api/v1
It is not necessary for this package to depend on core/v1.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove KUBE_API_VERSIONS
Fixes https://github.com/kubernetes/kubernetes/issues/63102
KUBE_API_VERSIONS is an attempt to control the available serialization of types. It pre-dates the idea that we'll have separate schemes, so it's not a thing that makes sense anymore.
Server-side we've had a very clear message about breaks in the logs for a year "KUBE_API_VERSIONS is only for testing. Things will break.".
Client-side it became progressively more broken as we moved to generic types for CRUD more than a year ago. What is registered doesn't matter when everything is unstructured.
We should remove this piece of legacy since it doesn't behave predictable server-side or client-side.
@smarterclayton @lavalamp
@kubernetes/sig-api-machinery-bugs
```release-note
KUBE_API_VERSIONS is no longer respected. It was used for testing, but runtime-config is the proper flag to set.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
wire printflags through additional cmds
**Release note**:
```release-note
NONE
```
Adds PrintFlag pattern to more commands.
cc @deads2k @soltysh
Automatic merge from submit-queue (batch tested with PRs 61601, 62881, 63159). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
wire print flags through get.go
**Release note**:
```release-note
NONE
```
Adds the PrintFlags pattern to `get.go`.
Prerequisite to ongoing server-side printing work.
cc @soltysh @deads2k
Automatic merge from submit-queue (batch tested with PRs 62432, 62868, 63040). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
bazel: generate pkg/generated/bindata.go at build time and remove from repo
**What this PR does / why we need it**: `pkg/generated/bindata.go` is a generated file, and it's one that's easy for us to handle in bazel (we already handle `test/e2e/generated/bindata.go`, for example).
The translations also have an additional generation step (`hack/update-translations.sh`) which I'm not handling here, but this enables us to remove the `bindata.go` files from the tree (when combined with #62151).
**Release note**:
```release-note
NONE
```
/assign @rmmh @cblecker @thockin @fejta
* Adjust hyperkube Makefile to allow HYPERKUBE_BIN to be
specified from outside
* new DOCKER_ROOT variable to specify --root-dir and associated
volume for kubelet to know where docker directory lives
* Save the docker logs when we kill the kubelet container
* Allow customized image for dockerized kubelet and build a Default
image if one is not specified
We should allow a custom build using script we have:
`VERSION="latest" REGISTRY="k8s.gcr.io" hack/dev-push-hyperkube.sh`
to be used quickly using DOCKERIZE_KUBELET. To do this we remove the
hard coded `k8s.gcr.io/kubelet` image and introduce a new environment
variable `KUBELET_IMAGE`.
Note that we are switching to hyperkube from kubelet as we have a quick
and easy script to build hyperkube image and load it into local docker
daemon. This reduces bad hacks like `docker tag
k8s.gcr.io/hyperkube-amd64:<tag> k8s.gcr.io/kubelet:latest` being used
by folks today (see 62057)
* Better cope with PID 0 when running "docker inspect" to look for
the process id for kubelet container
Automatic merge from submit-queue (batch tested with PRs 63046, 62925, 63014). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Bump minimum required go version to 1.10.1
**What this PR does / why we need it**:
We have supported go1.10.x for a few weeks now (#60597). CI has all been updated. This enforces it as the new minimum go version required go k8s >=1.11
**Release note**:
No release note, as #60597 already had one.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62495, 63003, 62829, 62151, 62002). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Build cleanup with go 1.10
Simplify our build/test scripts now that go 1.10 is in play. It has caching that seems to actually work.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62495, 63003, 62829, 62151, 62002). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add a GCS mirror to WORKSPACE URLs, along with a script to update them.
**What this PR does / why we need it**:
We get occasional flakes when WORKSPACE downloads fail. This should make that much more unlikely, by having two independent endpoints to try.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Volunteer for local-up-cluster related files
**What this PR does / why we need it**:
Wish to help with changes to hack/local-up-cluster.sh and any spill over
into other files that affect hack/local-up-cluster.sh.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
This will help avoid flakes when initializing WORKSPACE, since there are
two sources for each file. Any errors downloading or failed hashes cause
bazel to try the next url in the series.
Automatic merge from submit-queue (batch tested with PRs 62642, 62855, 62487, 62858, 62873). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
final record flag cleanup
This ties off the remainder of the record flag uses. Trying to merge different types of patches is fraught, so I added a way to get a merge patch (not a strategic patch) back from the annotation update.
@kubernetes/sig-cli-maintainers
/assign @soltysh
/assign @juanvallejo
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62726, 60085, 62583). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove podpreset in local up cluster
This was enabled in 6a7aca3129, but
shouldn't have been since the podpreset implementation is in the process
of being moved into service-catalog.
Release note:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix up and use record flags
This pull starts a genericclioptions package with a dependency enforcer to ensure that we have no kube/kube links. It makes the recordflags nil-able and still behave as expected. And it also updates several commands to use the record flags.
@kubernetes/sig-cli-maintainers @soltysh @juanvallejo
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62694, 62569, 62646, 61633, 62433). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
wire printflags through run cmd
**Release note**:
```release-note
NONE
```
Adds PrintFlags to `run` command.
cc @soltysh @deads2k
Automatic merge from submit-queue (batch tested with PRs 62445, 62768, 60633). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Local up cluster enhancements
**What this PR does / why we need it**:
Networking in a cluster brought up by hack/local-up-cluster.sh was broken because kube-proxy fails to start: connectivity to the Internet is okay, but anything involving communication among services (for example, starting cluster DNS) fails.
Debugging this took a while because there was no indication in the output of hack/local-up-cluster.sh that something had gone wrong. There were also some harmless "no such process" errors during cleanup.
The kube-proxy startup issue was fixed in parallel by PR #60431 but that fix turned out to be incomplete, so this PR uses a different approach, suppresses the harmless error messages (caused by a race) and also makes it more obvious when processes die by checking them regularly.
**Special notes for your reviewer**:
I used
KUBE_ENABLE_CLUSTER_DNS=true NET_PLUGIN=kubenet hack/local-up-cluster.sh -O
to start the cluster. Check the kube-dns pod and its logs to see how kube-dns fails to communicate with the API server.
I've left out health checking of kubelet when run under Docker because that isn't something that I have used myself yet and I wanted to send the enhancements without further delays. I can try to add that later once you agree that such a health check is useful.
**Release note**:
```release-note
fix network setup in hack/local-up-cluster.sh (https://github.com/kubernetes/kubernetes/pull/60431)
better error diagnostics in hack/local-up-cluster.sh output
```
Automatic merge from submit-queue (batch tested with PRs 60201, 62744). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix kubectl describe cronjob
CronJob describer was attempting to use the internal batch clientset, which speaks to the batch/v1 API group. CronJobs do not exist in that API group.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add prometheus cluster monitoring addon.
This PR adds new cluster monitoring addon based on prometheus.
It adds prometheus deployment with e2e tests.
Additional components will be added iterativly in future.
Manifests based on current Helm chart.
At current state it's not intended for production use.
cc @piosz @kawych @miekg
```release-note
Add prometheus cluster monitoring addon to kube-up
```
/sig instrumentation
/kind feature
/priority important-soon
Automatic merge from submit-queue (batch tested with PRs 56040, 62627). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Node-level Checkpointing manager: Migrate dockershim and device plugin manager checkpointing
**What this PR does / why we need it**:
This PR abstracts checkpoint manager at kubelet level. Currently, `dockershim`, `deviceplugin` have their own native checkpointing primitives. And most recently `cpumanager` also added package native checkpointing primitives. This adds to the redundancy at implementation level. Also degrades code readability and consistency.
To help this:
1. Checkpointing interface is being abstracted at kubelet level as `checkpointmanager` package.
2. `dockershim` and `deviceplugin` packages are modified to use `checkpointmanager` instead native checkpointing.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
```release-note
None
```
cc @jeremyeder @vishh @derekwaynecarr @sjenning @yujuhong @dchen1107 @RenaudWasTaken @ConnorDoyle @RenaudWasTaken @jiayingz @mindprince @timstclair
/sig node
Automatic merge from submit-queue (batch tested with PRs 62650, 62303, 62545, 62375). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Move podsecuritypolicy registry to policy package
**What this PR does / why we need it:**
This is a part of the PSP migration from extensions to policy API group. This PR moves registry to policy package and changes preferred storage format to policy/v1beta1
**Which issue(s) this PR fixes:**
Addressed to https://github.com/kubernetes/features/issues/5
Automatic merge from submit-queue (batch tested with PRs 58784, 62057, 62621, 62652, 62656). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update docker run flags for containized kubelet in hack/local-up-cluster.sh
**What this PR does / why we need it**:
I'm working on https://github.com/kubernetes/kubernetes/issues/61741, and found `docker run` flags in `hack/local-up-cluster.sh` for kubelet container is too old.
- /var/lib/docker should be mount read-write, because kubelet needs to
update /etc/resolv.conf file in container, see #29378
- /var/lib/kubelet should be mount shared, because mountpoints under
this directory must be propagated to other containers
- `--pid=host` is needed to run `nsenter --mount=/rootfs/proc/1/ns/mnt -- /usr/bin/systemd-run --scope` correctly (don't know exact reason, but with `--pid=host`, it works)
- configure cluster dns for kubelet running in a container
- should propagate sub-mounts of / to kubelet for local volume
With this fix, we can start a local cluster with containerized kubelet.
```
# pull or build a hyperkube image first
docker tag k8s.gcr.io/hyperkube-amd64:<tag> k8s.gcr.io/kubelet:latest
export DOCKERIZE_KUBELET=y
./hack/local-up-cluster.sh
```
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
refer to: https://github.com/kubernetes/kubernetes-anywhere/blob/master/phase2/ignition/vanilla/kubelet.service.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 58784, 62057, 62621, 62652, 62656). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove deprecated initresource admission plugin
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
xref https://github.com/kubernetes/kubernetes/pull/55375#issuecomment-360329586
**Special notes for your reviewer**:
/assign @piosz @deads2k
**Release note**:
```release-note
remove deprecated initresource admission plugin
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
hack/test-update-storage-objects.sh: don't build a binary that the script doesn't use
**What this PR does / why we need it**:
This PR removes unused code that was building a binary that script doesn't use.
**Special notes for your reviewer**:
`hack/test-update-storage-objects.sh` used `attachlease` and `migrate-if-needed.sh` for performing etcd2 -> etcd3 migration. In the commit 39e5a56691 we stopped migrating data, but still built unused `attachlease` binary.
Later, in the dc4d92e154 commit, `migrate-if-needed.sh` was reimplemented in go and unused `attachlease` was replaced by `migrate` that also wasn't needed.
- /var/lib/docker should be mount read-write, because kubelet needs to
update /etc/resolv.conf file in container, see #29378
- /var/lib/kubelet should be mount rslave, because mountpoints under
this directory must be propagated to other containers
- `--pid=host` is needed to run `nsenter --mount=/rootfs/proc/1/ns/mnt -- /usr/bin/systemd-run --scope` correctly
- configure cluster dns for kubelet running in a container
- should propagate sub-mounts of / to kubelet for local volume
- Use rslave to mount /var/lib/docker/ so we can see what the host
mounts under this path.
- Keep containerized kubelet flags same as non-containerized and check
kubelet is running or not.
- Use `all_kubelet_flags` to share kubelet flags.
Commit 43cb024402 replaced command line parameters with a .yaml
configuration file. But feature gates must be configured with a map in
.yaml, not with a comma-separated string as in the command line
parameters. As a result, kube-proxy failed to start and networking was
broken in the cluster.
Commit c339fc0c4f tried to fix that by moving feature gates back to
the command line, but later it was found out that the command line
parameter gets ignored when also specifying a config.
Therefore now the feature gates variable gets converted into a proper
map in the config.
This helps developers detect when something went wrong and then also
points them in the right direction by showing where the corresponding
log file is, if there is one.
For example, since commit 43cb024402 in April 2017 kube-proxy failed
to start because featureGates was not set correctly in the .yaml file,
but no-one seems to have noticed this.
Killing processes in cleanup is racing with those processes
terminating by themselves when aborting local-up-cluster.sh with
CTRL-C. That leads to unnecessary error messages:
^CCleaning up...
kill: (21592): No such process
kill: (21586): No such process
Automatic merge from submit-queue (batch tested with PRs 62425, 62212, 60824, 62383, 62384). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
optimize requestcontext: use RWMutex to improve r/w performance
RequestContextMapper is one of the mostly used interface by every request, and the underlying struct is a map with Mutex protect. So here we should use RWMutex.
**Release note**:
```release-note
NONE
```
The script used attachlease and migrate-if-needed.sh for performing
etcd2 -> etcd3 migration. In the commit 39e5a56691 we stopped migrating
data, but still built unused attachlease binary.
Later, in the dc4d92e154 commit, migrate-if-needed.sh was reimplemented
in go and unused attachlease was replaced by migrate that also wasn't
needed.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Reimplement migrate-if-needed.sh in go
The `migrate-if-needed.sh` script was already partially implemented in go (see the attachlease and rollback sub-dirs), but was still unnecessarily difficult to understand and test. This closely reimplements the original logic but with improved code structure, error handling and testing.
Where possible, go code that was previously executed as separate binaries is now statically linked into a single 'migrate' go cobra CLI app, which is then thinly wrapped by`migrate-if-needed.sh`.
There are numerous additional improvements that need to be made, but will be submitted in future PRs. This PR is focused on achieving parity with the pre-existing functionality and introducing some much needed test coverage, in particular HA cluster upgrade test coverage.
It appears that the `attachlease` and `rollback` go binaries are no longer needed as standalones and so I have consolidated them into the new `migrate` go binary. Other than that, this change aims to be 100% backward compatible.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 59027, 62333, 57661, 62086, 61584). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
local-up-cluster.sh: support preserving etcd optionally
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
**What this PR does / why we need it**:
Allow `hack/local-up-cluster.sh` to support preserve `ETCD_DIR` when `PRESERVE` is set to non-false value.
usage:
```
$ PRESERVE=true ETCD_DIR=/var/lib/etcd-kube-HEAD .... \
./hack/local-up-cluster.sh
```
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
(None)
**Special notes for your reviewer**:
(None)
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 59027, 62333, 57661, 62086, 61584). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Make FAIL_SWAP_ON warning message clear
**What this PR does / why we need it**:
When operating local-up-cluster.sh to prepare e2e tests, the warning
message can be output. This commit makes the message clear.
**Release note**: NONE
As of go 1.10, we do not need to explicitly build the stdlib for static
any more. That happens automatically. Timing tests show no discernible
difference between a `go install` with and without it.
Also use 'static' suffix instead of 'cgo'.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fully resolve tmpdir in verify-bazel.sh, since it might be a symlink on macOS
**What this PR does / why we need it**: Apparently the system tmpdir is inside a symlink on macOS, which confuses gazelle's symlink logic. By resolving this symlink to the absolute path, we can avoid the issue.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61986
**Release note**:
```release-note
NONE
```
/assign @cblecker
cc @patrikerdes
Automatic merge from submit-queue (batch tested with PRs 60900, 62215, 62196). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove need for server connections for dry-run create
when running create commands in --dry-run mode, we don't need a server connection or restmapper information
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use pause manifest image
**What this PR does / why we need it**:
As pause manifest code is merged part of https://github.com/kubernetes/kubernetes/pull/57723, now its time to remove all architecture-dependent pause imagename.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 58420, 60483). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Kube apiserver ServerRunOptions set default called before use
**What this PR does / why we need it**:
move `ServerRunOptions` set default function `defaultOptions` out of `CreateKubeAPIServerConfig`, it should be called before real use `CreateNodeDialer`. So move it to cobra.Command just after kube-apiserver flags parsed.
Similarly `ServerRunOptions.Validate` move there too.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61959, 62037). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Bump godep version to v80
**What this PR does / why we need it**:
Update the minimum godep, to v80 (supposed to be the final version).
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Vendor gazelle and kazel
Rather that relying on upstream git repos that can break, vendor it all. These are NOT head of tree, respectively - they are some backrev forms that were previously being used.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61904, 61565, 61401, 61432, 61772). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove rktnetes code
**What this PR does / why we need it**:
rktnetes is scheduled to be deprecated in 1.10 (#53601). According to the deprecation policy for beta CLI and flags, we can remove the feature in 1.11.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58721
**Special notes for your reviewer**:
**Release note**:
```release-note
Removed rknetes code, which was deprecated in 1.10.
```
/assign @yujuhong
/hold
Hold until the end of the freeze.
Automatic merge from submit-queue (batch tested with PRs 61904, 61565, 61401, 61432, 61772). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Allow curl --max-time to be configurable
**What this PR does / why we need it**:
In nested virutalized environments, the 1 second max-time is too
low. Just bumping up WAIT_FOR_URL_API_SERVER does not work unless
we bump up the max-time too.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61842, 61477, 61777). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Turn server-print on by default in kubectl
**What this PR does / why we need it**:
#55637 introduced `-experimental-server-print` that enabled users to opt-in to user server-side printing. This is a followup which enables this functionality by default, with the ability to fallback not to do it with `--server-print=false`.
/assign @smarterclayton @juanvallejo
**Release note**:
```release-note
Enable server-side print in kubectl by default, with the ability to turn it off with --server-print=false
```
