When the KUBE_LIST_FROM_CACHE_INCONSISTENCY_DETECTOR environment variable was set
then clients (client-go, dynamic-client) perform a data consistency check
for requests that have a high chance of being served from the watch-cache.
The consistency check is meant to be enforced only in the CI, not in production.
The check ensures that data retrieved by a list api call from the watch-cache
is exactly the same as data received by the list api call from etcd.
Note that this function will panic when data inconsistency is detected.
This is intentional because we want to catch it in the CI.
Note that the new env var is set in the same places
the ENABLE_CACHE_MUTATION_DETECTOR is set.
when the KUBE_WATCHLIST_INCONSISTENCY_DETECTOR environment variable was set
then the reflector performs a data consistency check.
The consistency check is meant to be enforced only in the CI, not in production.
The check ensures that data retrieved by the watch-list api call
is exactly the same as data received by the standard list api call.
note that the new env var is set in the same places
the ENABLE_CACHE_MUTATION_DETECTOR is set.
This change enables the external cloud provider by default for GCE
infrastructure. It is the result of several squashed commits, these are
their commit messages:
* no longer need to enable endpoinslices controller since GA
* use external by default
* DisableKubeletCloudCredentialProviders
* temp test feature gates
This PR updates changes related references to the legacy
release bucket, excluding CHANGELOG updates.
Signed-off-by: Ricky Sadowski <richard.j.sadowski@gmail.com>
Currently, we hardcode the exact image to use in cluster/gce. This is
problematic as the image gets stale very frequently and has old versions
of components such as containerd, kernel, and CVE issues.
Instead, fetch the latest image from the image family. This will ensure
the image will stay up to date. Each image change in image family is
expected to be minor. Switching to a new LTS milestone will require
updating the image family set.
Also add new kube-up environment variables to allow controlling the image
family used, namely:
* IMAGE_FAMILY - default image family to use
* MASTER_IMAGE_FAMILY - image family for master to use (defaults to
IMAGE_FAMILY if unset)
* NODE_IMAGE_FAMILY - image family for node to use (defaults to
IMAGE_FAMILY if unset)
Signed-off-by: David Porter <david@porter.me>
Currently if we disable cloud provider by the following
CLOUD_PROVIDER_FLAG=external
KUBE_FEATURE_GATES=DisableCloudProviders=true,DisableKubeletCloudCredentialProviders=true
we can no longer schedule workloads due to taints and a lack of
node configuration.
This pulls a CCM image from K/cloud-provider-gcp to run tests.
This is a pre-step for taking the above feature gates to beta.
It does not address the last known good dependency issue.
Specifically the CCM image is built on top of client-go and staging.
However this image will be an "old" verison of those libraries.
So it does not test if those libraries work in the CCM.
Fix shellcheck errors.
Add CCM_FEATURE_GATES for testing.
Switching to extended regex from perl regex.
Adding instrumentation to cluster configuration.
Improved regex to not greedily get key-value pairs.
Fixed issue with error on regex no line match.
Switch credentialprovider version to v1alpha1
Make GCS buckets created by the e2e tests regional.
There are by default multi-regional in US location. The change is
introduced to minimize GCS global cost.
GCS new pricing changed since Oct 1, 2022. See https://cloud.google.com/storage/pricing-announce
Signed-off-by: Arnaud Meukam <ameukam@gmail.com>
Add kube::util::wait-for-jobs in create-network() to wait
for background firewall rule creation, and if any fail, log
a message and exit with the failed job's return code.
