Commit Graph

66983 Commits

Author SHA1 Message Date
Kubernetes Submit Queue
c3046182ec Merge pull request #65377 from juanvallejo/jvallejo/restore-old-get-template-behavior
Automatic merge from submit-queue (batch tested with PRs 65377, 63837, 65370, 65294, 65376). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

restore pre-1.11 behavior of `kubectl get --template=...`

**Release note**:
```release-note
NONE
```

Restores old behavior to the `--template` flag in `get.go`.
In old releases, providing a `--template` flag value and no `--output` value implicitly assigned a default value ("go-template") to `--output`, printing using the provided template argument.

Example:

```bash
# this should print using GoTemplate printer, but currently does not
$ kubectl get pod foo --template="{{ .metadata.name }}"
```

cc @deads2k @soltysh
2018-06-22 16:16:04 -07:00
Kubernetes Submit Queue
3a266a1b3f Merge pull request #65368 from deads2k/server-17-discovery
Automatic merge from submit-queue (batch tested with PRs 61330, 64793, 64675, 65059, 65368). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

legacy api endpoints only support v1 ever

The legacy API endpoint should only ever have a v1.  This removes flexibility we don't need or want.

@kubernetes/sig-api-machinery-pr-reviews 
@sttts 

```release-note
NONE
```
2018-06-22 14:52:44 -07:00
Kubernetes Submit Queue
039a83eef6 Merge pull request #65059 from damemi/iss64983
Automatic merge from submit-queue (batch tested with PRs 61330, 64793, 64675, 65059, 65368). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

marshal bytes to return as string with `kubectl config view -o jsonpath`

**What this PR does / why we need it**:
Certain `byte[]` representations weren't being properly marshalled to strings when calling `kubectl config view` with `-o jsonpath`

**Which issue(s) this PR fixes**:
Fixes https://github.com/kubernetes/kubectl/issues/489

**Special notes for your reviewer**:

**Release note**:
```release-note
NONE
```
2018-06-22 14:52:41 -07:00
Kubernetes Submit Queue
f09a938bcd Merge pull request #64675 from yue9944882/fix-data-race-cli-file-linux
Automatic merge from submit-queue (batch tested with PRs 61330, 64793, 64675, 65059, 65368). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fixes data races for pkg/kubelet/config/file_linux_test.go

**What this PR does / why we need it**:

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #64655

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-06-22 14:52:37 -07:00
Kubernetes Submit Queue
b7b8e160a5 Merge pull request #64793 from MrHohn/gce-backend-service-beta-wrappers
Automatic merge from submit-queue (batch tested with PRs 61330, 64793, 64675, 65059, 65368). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

[gce provider ] Wrapper for beta backend service create/update

**What this PR does / why we need it**:
Feel free to wait after 1.11 code freeze.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #NONE 

**Special notes for your reviewer**:
/assign @rramkumar1 

**Release note**:

```release-note
NONE
```
2018-06-22 14:52:33 -07:00
Kubernetes Submit Queue
6373264df2 Merge pull request #61330 from hzxuzhonghu/kubelet-server
Automatic merge from submit-queue (batch tested with PRs 61330, 64793, 64675, 65059, 65368). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

fix bug: kubelet potential panic

**What this PR does / why we need it**:

fix bug: kubelet may panic calling wg.Done after wg.Wait returned.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-06-22 14:52:30 -07:00
juanvallejo
508145e529 special-case template printing in get.go 2018-06-22 14:58:27 -04:00
Kubernetes Submit Queue
eb5a26f801 Merge pull request #65367 from deads2k/cli-77-delete
Automatic merge from submit-queue (batch tested with PRs 65339, 65343, 65324, 65335, 65367). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

make sure delete waiting doesn't re-evaluate the resource lists

Fixes https://github.com/kubernetes/kubernetes/issues/65366

```release-note
Prevents a `kubectl delete` hang when deleting controller managed lists
```

@kubernetes/sig-cli-maintainers
2018-06-22 10:31:24 -07:00
Kubernetes Submit Queue
5880db4a65 Merge pull request #65335 from shyamjvs/add-scheduler-profiling-to-testing
Automatic merge from submit-queue (batch tested with PRs 65339, 65343, 65324, 65335, 65367). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Introduce scheduler CPU/Memory profile-gathering in density test

This should help us get more reliable/realistic data for scheduler (from our real-cluster scalability tests).

/cc @wojtek-t 
fyi - @davidopp @bsalamat @misterikkit 

```release-note
NONE
```
2018-06-22 10:31:20 -07:00
Kubernetes Submit Queue
456f85e736 Merge pull request #65324 from nikhita/fix-nits-json-case-sensitive
Automatic merge from submit-queue (batch tested with PRs 65339, 65343, 65324, 65335, 65367). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix k8s json package import name

Fixes nits found while cherry-picking https://github.com/kubernetes/kubernetes/pull/65034 in https://github.com/kubernetes/kubernetes/pull/65298.

**Release note**:

```release-note
NONE
```

/cc sttts liggitt caesarxuchao
2018-06-22 10:31:17 -07:00
Kubernetes Submit Queue
1308d9a380 Merge pull request #65343 from cfork/typo
Automatic merge from submit-queue (batch tested with PRs 65339, 65343, 65324, 65335, 65367). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

apiserver: fix typo introduced in #57366

fix typo introduced in #57366

```release-note
NONE
```
2018-06-22 10:31:14 -07:00
Kubernetes Submit Queue
bece0d522c Merge pull request #65339 from liggitt/taint-manager-memory
Automatic merge from submit-queue (batch tested with PRs 65339, 65343, 65324, 65335, 65367). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Remove item from taint manager workqueue on completion

fixes a memory leak observed in the controller manager when creating/deleting pods containing tolerations

xref #65325

```release-note
fixes a memory leak in the kube-controller-manager observed when large numbers of pods with tolerations are created/deleted
```
2018-06-22 10:31:10 -07:00
Kubernetes Submit Queue
e467e9abb7 Merge pull request #64721 from Cynerva/gkk/audit
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

juju: Add audit support to kubernetes-master charm

**What this PR does / why we need it**:

This PR adds audit configuration support to the kubernetes-master charm. Specifically, it enables audit logging by default, and adds two new config options: `audit-policy` and `audit-webhook-config`.

**Release note**:

```release-note
NONE
```
2018-06-22 08:45:35 -07:00
Kubernetes Submit Queue
4905c339cc Merge pull request #64941 from Lion-Wei/ipvs-test
Automatic merge from submit-queue (batch tested with PRs 65024, 65287, 65345, 64693, 64941). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

complete ipvs proxier ut

**What this PR does / why we need it**:
Complete ipvs proxier ut:
1. Finish loadbalancer type service test.
2. Add external ip local case.
3. Add UDP type nodeport test.
4. Add TestCleanupLeftovers test.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #61390

**Special notes for your reviewer**:

**Release note**:
```release-note
NONE
```
2018-06-22 06:10:24 -07:00
Kubernetes Submit Queue
b45ba959c0 Merge pull request #64693 from xiechengsheng/fix-typos
Automatic merge from submit-queue (batch tested with PRs 65024, 65287, 65345, 64693, 64941). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix some typos in code comments.

Signed-off-by: xiechengsheng <XIE1995@whut.edu.cn>



**What this PR does / why we need it**:
Fix some typos in code comments.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
NONE

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-06-22 06:10:21 -07:00
Kubernetes Submit Queue
1996aa3e69 Merge pull request #65345 from nicksardo/target-proxy-set
Automatic merge from submit-queue (batch tested with PRs 65024, 65287, 65345, 64693, 64941). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Change signature of SetUrlMapForTargetHTTPProxy

**Special notes for your reviewer**:
/assign MrHohn

**Release note**:
```release-note
NONE
```
2018-06-22 06:10:17 -07:00
Kubernetes Submit Queue
8888a43abf Merge pull request #65287 from sigma/pr/update-uuid
Automatic merge from submit-queue (batch tested with PRs 65024, 65287, 65345, 64693, 64941). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

update github.com/satori/go.uuid to 1.2.0

**What this PR does / why we need it**:

This makes sure that github.com/Azure/azure-sdk-for-go has the dependency it
requires: as of v14.6.0, it has a constraint for github.com/satori/go.uuid to be
at 1.2.0 (or above).
This was introduced in https://github.com/Azure/azure-sdk-for-go/pull/979
(see discussion for rationale)

Since github.com/Azure/azure-sdk-for-go is the only consumer of
github.com/satori/go.uuid, there is no reason not to use the correct version.

This also prepares the ground for a future migration to dep.

**Special notes for your reviewer**:

This should help reducing the noise after #64731 lands

```release-note
NONE
```
2018-06-22 06:10:14 -07:00
Kubernetes Submit Queue
b48339704f Merge pull request #65024 from jingax10/calico_custom_branch
Automatic merge from submit-queue (batch tested with PRs 65024, 65287, 65345, 64693, 64941). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add a helper function to customize K8s addon yamls and use it to customize Calico addons on GKE

**What this PR does / why we need it**:

Allow customizing Calico addon in GCP. With #65022, this allows us to do a couple of things:, e.g., run Calico 3.0+ on GCP, use a non-default MTU etc.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #65045, #65067

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-06-22 06:10:10 -07:00
David Eads
b063e9f85e legacy api endpoints only support v1 ever 2018-06-22 08:58:32 -04:00
David Eads
0e3f921457 make sure delete waiting doesn't re-evaluate the resource lists 2018-06-22 08:54:00 -04:00
Kubernetes Submit Queue
1ca851baec Merge pull request #64860 from wgliang/master.kubelet-check-limit
Automatic merge from submit-queue (batch tested with PRs 65290, 65326, 65289, 65334, 64860). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

checkLimitsForResolvConf for the  pod create and update events instead of checking period

**What this PR does / why we need it**:

- Check for the same at pod create and update events instead of checking continuously for every 30 seconds.
- Increase the logging level to 4 or higher since the event is not catastrophic to cluster health .


**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #64849

**Special notes for your reviewer**:
@ravisantoshgudimetla 

**Release note**:

```release-note
checkLimitsForResolvConf for the  pod create and update events instead of checking period
```
2018-06-22 04:43:16 -07:00
Kubernetes Submit Queue
98225e7d20 Merge pull request #65334 from dashpole/update_cadvisor_head
Automatic merge from submit-queue (batch tested with PRs 65290, 65326, 65289, 65334, 64860). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Update cadvisor godeps (master) to v0.30.2

**What this PR does / why we need it**:
Update cadvisor godeps to v0.30.2.  This is needed to fix a number of bugs.
Normally, we wait to do this until the quarterly cAdvisor release, but we want to get some soak time on these bug fixes so that we know it is safe to cherry-pick them to previous releases:
https://github.com/kubernetes/kubernetes/pull/65331
https://github.com/kubernetes/kubernetes/pull/65328
https://github.com/kubernetes/kubernetes/pull/65327

**Release note**:
```release-note
Fix concurrent map access panic
Don't watch .mount cgroups to reduce number of inotify watches
Fix NVML initialization race condition
Fix brtfs disk metrics when using a subdirectory of a subvolume
```
/kind bug
/sig node
/priority important-soon
/assign @dchen1107 

cc @yujuhong @mindprince
2018-06-22 04:43:12 -07:00
Kubernetes Submit Queue
449908488f Merge pull request #65289 from jiayingz/upgrade-test
Automatic merge from submit-queue (batch tested with PRs 65290, 65326, 65289, 65334, 64860). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add a GPUClusterDowngrade test.

**What this PR does / why we need it**:
We actually need a separate GPUClusterDowngrade test to run gpu downgrade tests defined in e.g.,
https://k8s-testgrid.appspot.com/wg-resource-management#gce-1.11-1.10-gpu-master-downgrade

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note

```
2018-06-22 04:43:09 -07:00
Kubernetes Submit Queue
3a7c3d387c Merge pull request #65326 from deads2k/cli-75-fix-printer-check
Automatic merge from submit-queue (batch tested with PRs 65290, 65326, 65289, 65334, 64860). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

fix printer check to tolerate vendoring

After you've vendored code, the package includes a vendor dir.  This updates the code to tolerate that.

/assign @soltysh @juanvallejo 


```release-note
NONE
```
2018-06-22 04:43:06 -07:00
Kubernetes Submit Queue
b6bc20b9dc Merge pull request #65290 from angao/typo-agg
Automatic merge from submit-queue (batch tested with PRs 65290, 65326, 65289, 65334, 64860). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Typo fix: unqalified=>unqualified

**What this PR does / why we need it**:

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-06-22 04:43:04 -07:00
Shyam Jeedigunta
0c787703f5 Introduce scheduler CPU/Memory profile-gathering in density test 2018-06-22 12:12:05 +02:00
Shyam Jeedigunta
457548ef7d Refactor profile-gatherer to work across all master components 2018-06-22 12:11:56 +02:00
Kubernetes Submit Queue
d0ff465b1c Merge pull request #65313 from chuckha/cri-tools-dep
Automatic merge from submit-queue (batch tested with PRs 65301, 65291, 65307, 63845, 65313). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Adds cri-tools as a dependency to kubeadm deb/rpms

Closes kubernetes/kubeadm#942

Signed-off-by: Chuck Ha <ha.chuck@gmail.com>

**What this PR does / why we need it**:
This PR adds cri-tools as a dependency to kubeadm. Kubeadm code now requires crictl to exist on the system or an ignorable error will be thrown during init.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes kubernetes/kubeadm#942

**Special notes for your reviewer**:
I'm making a similar PR in the release repo as well.

**Release note**:
```release-note
NONE
```
2018-06-22 03:08:20 -07:00
Kubernetes Submit Queue
5bde5a5ac8 Merge pull request #63845 from paulgear/master
Automatic merge from submit-queue (batch tested with PRs 65301, 65291, 65307, 63845, 65313). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add option to control SSL chain completion

**What this PR does / why we need it**:

This adds templated support to the kubernetes-worker juju charm for the --enable-ssl-chain-completion option on the ingress proxy.  It defaults to false, to ensure that production sites are not reliant on OCSP or DNS in order to function.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
kubernetes-worker juju charm: Added support for setting the --enable-ssl-chain-completion option on the ingress proxy.  "action required": if your installation relies on supplying incomplete certificate chains and using OCSP to fill them in, you must set "ingress-ssl-chain-completion" to "true" in your juju configuration.
```
2018-06-22 03:08:17 -07:00
Kubernetes Submit Queue
6c847f3e7a Merge pull request #65307 from shyamjvs/fix-scheduler-reset-metrics-bug
Automatic merge from submit-queue (batch tested with PRs 65301, 65291, 65307, 63845, 65313). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix scheduler reset metrics bug in testinfra

/cc @krzysied 

```release-note
NONE
```
2018-06-22 03:08:13 -07:00
Kubernetes Submit Queue
8008c7dad9 Merge pull request #65291 from misterikkit/fake-client
Automatic merge from submit-queue (batch tested with PRs 65301, 65291, 65307, 63845, 65313). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add client-go example using fake client in test.

**What this PR does / why we need it**:

This adds an example showing the steps needed to get a working
SharedInformerFactory with a fake client for testing.


**Special notes for your reviewer**:
I had a really hard time figuring out how to use this utility correctly. I don't think this example is sufficient documentation, but it's a good start.

**Release note**:

```release-note
NONE
```
/sig api-machinery
/kind documentation
2018-06-22 03:08:10 -07:00
Kubernetes Submit Queue
ea0c683e2d Merge pull request #65301 from wojtek-t/heapster_node_first
Automatic merge from submit-queue (batch tested with PRs 65301, 65291, 65307, 63845, 65313). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Create heapster node first

This should help with mitigating failures like this:
https://storage.googleapis.com/kubernetes-jenkins/logs/ci-kubernetes-e2e-gce-scale-correctness/127/build-log.txt
2018-06-22 03:08:07 -07:00
Kubernetes Submit Queue
1b43cd1a62 Merge pull request #65292 from wgliang/master.azure-log
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Change Azure ARM Rate limiting error message

**What this PR does / why we need it**:

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #65284

Change Azure ARM Rate limiting error message

**Special notes for your reviewer**:
@khenidak 

**Release note**:

```release-note
Change Azure ARM Rate limiting error message.
```
2018-06-22 01:11:10 -07:00
Kubernetes Submit Queue
ac78ec23a1 Merge pull request #64805 from hanxiaoshuai/cleanup0606
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

remove unused code in runtime/scheme_test.go

**What this PR does / why we need it**:
remove unused code in runtime/scheme_test.go
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-06-21 23:47:52 -07:00
Kubernetes Submit Queue
a79de78dc1 Merge pull request #64372 from monotek/fluentd-elasticsearch
Automatic merge from submit-queue (batch tested with PRs 65064, 65218, 65260, 65241, 64372). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

updated fluentd in fluentd-es-image to version 1.2.2

**What this PR does / why we need it**: Updates fluentd in fluentd-es-image to version 1.2.2.
Also updates all other used gems to most recent versions.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2018-06-21 21:12:22 -07:00
Kubernetes Submit Queue
5bb92fd2ff Merge pull request #65241 from ingvagabund/have-rootfs-rw-for-containerized-node-e2e
Automatic merge from submit-queue (batch tested with PRs 65064, 65218, 65260, 65241, 64372). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Have the /rootfs rw for containerized node e2e

**What this PR does / why we need it**:

The ``[sig-storage] HostPath [It] should support subPath [NodeConformance]`` test needs it otherwise the kubelet complains with:

```
  Jun 19 20:05:27 ip-172-18-11-17.ec2.internal docker[26836]: E0619 20:05:27.495132   26860 kubelet_pods.go:198] failed to create subPath directory for volumeMount "test-volume" of container "test-container-1": cannot create directory /rootfs/tmp/sub-path: read-only file system
```


**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**: The tests are run inside RH infrastructure so no CI tests are needed to run

**Release note**:

```release-note
None
```
2018-06-21 21:12:19 -07:00
Kubernetes Submit Queue
3ab6ced72b Merge pull request #65260 from dixudx/fix_ScaleIOVolumeSource_spec
Automatic merge from submit-queue (batch tested with PRs 65064, 65218, 65260, 65241, 64372). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix scale io volume source spec

**What this PR does / why we need it**:
> FSType 
Implicitly inferred to be "ext4" if unspecified.

Actually the default value to "xfs".

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
None
```
2018-06-21 21:12:16 -07:00
Kubernetes Submit Queue
b5ea862f52 Merge pull request #65218 from stlaz/sysctls_describe
Automatic merge from submit-queue (batch tested with PRs 65064, 65218, 65260, 65241, 64372). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add sysctls to the ouput of `describe` on PSPs

**What this PR does / why we need it**:
When promoting the sysctls feature for PSPs, the output of the
`kubectl describe` command was forgotten about. This commit
adds the `AllowedUnsafeSysctls` and `ForbiddenSysctls` fields
to the output of that command.

**Which issue(s) this PR fixes** :
Fixes #65181 

**Release notes**:
```release-note
NONE
```
2018-06-21 21:12:12 -07:00
Kubernetes Submit Queue
cbe4f48866 Merge pull request #65064 from davidz627/fix/CSIe2eAttach
Automatic merge from submit-queue (batch tested with PRs 65064, 65218, 65260, 65241, 64372). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Added attach/mount/check steps to CSI Driver E2E tests

This PR makes the CSI Volume E2E tests actually go through the entire dynamic provisioning pipeline and test attach/mount/check file etc.

Fixes #64927

```release-note
None
```
2018-06-21 21:12:09 -07:00
Kubernetes Submit Queue
5e8b64f990 Merge pull request #65238 from deads2k/scheduler-01-boundary
Automatic merge from submit-queue (batch tested with PRs 65187, 65206, 65223, 64752, 65238). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

fix scheduler port boundary to match detection

zero is allowed to disable the port.  Fix boundary check to allow it.

```release-note
NONE
```

No release note because if we fix it in time, nothing was wrong.
2018-06-21 19:48:18 -07:00
Kubernetes Submit Queue
96c7f3a34a Merge pull request #64752 from wojtek-t/default_to_watching_managers
Automatic merge from submit-queue (batch tested with PRs 65187, 65206, 65223, 64752, 65238). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Kubelet watches necessary secrets/configmaps instead of periodic polling
2018-06-21 19:48:14 -07:00
Kubernetes Submit Queue
18b16be622 Merge pull request #65223 from jsafrane/aws-inaccessible-key
Automatic merge from submit-queue (batch tested with PRs 65187, 65206, 65223, 64752, 65238). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fixed detection of inaccessible AWS encryption key.

AWS provisioner now checks if created encrypted volume gets "Available" or it gets silently deleted by AWS because StorageClass referenced invalid (e.g. non-existing) KMS key for encryption.

This seems to be the only way how to detect such invalid key, because Kubernetes may not have enough permission to check if the key exists.

**Which issue(s) this PR fixes**
Fixes #62171

**Special notes for your reviewer**:

**Release note**:

```release-note
AWS now checks for validity of ecryption key when creating encrypted volumes. Dynamic provisioning of encrypted volume may get slower due to these checks.
```

/sig aws
/sig storage
@kubernetes/sig-aws-misc
2018-06-21 19:48:10 -07:00
Kubernetes Submit Queue
881b8423b9 Merge pull request #65206 from xmudrii/sample-apiserver-rbac
Automatic merge from submit-queue (batch tested with PRs 65187, 65206, 65223, 64752, 65238). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

sample-apiserver: Add RBAC roles and ClusterRoleBindings for Admission Webhooks

**What this PR does / why we need it**:

When you run the `sample-apiserver` using the [manifests provided in the artifacts directory](https://github.com/kubernetes/sample-apiserver/tree/master/artifacts/example), you will get the following errors, related to insufficient permissions to list Namespaces and Admission Webhooks:
```
E0619 07:43:06.422862       1 reflector.go:205] k8s.io/sample-apiserver/vendor/k8s.io/client-go/informers/factory.go:130: Failed to list *v1.Namespace: namespaces is forbidden: User "system:serviceaccount:wardle:apiserver" cannot list namespaces at the cluster scope
E0619 07:43:06.423981       1 reflector.go:205] k8s.io/sample-apiserver/vendor/k8s.io/client-go/informers/factory.go:130: Failed to list *v1beta1.MutatingWebhookConfiguration: mutatingwebhookconfigurations.admissionregistration.k8s.io is forbidden: User "system:serviceaccount:wardle:apiserver" cannot list mutatingwebhookconfigurations.admissionregistration.k8s.io at the cluster scope
E0619 07:43:07.424130       1 reflector.go:205] k8s.io/sample-apiserver/vendor/k8s.io/client-go/informers/factory.go:130: Failed to list *v1beta1.ValidatingWebhookConfiguration: validatingwebhookconfigurations.admissionregistration.k8s.io is forbidden: User "system:serviceaccount:wardle:apiserver" cannot list validatingwebhookconfigurations.admissionregistration.k8s.io at the cluster scope
```

This PR adds two manifests, `rbac.yaml` containing the RBAC rules, and `rbac-bind.yaml` used to bind roles to the `wardle` service account.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: None

**Release note**:
```release-note
NONE
```

/assign @sttts @deads2k 
/sig api-machinery
2018-06-21 19:48:06 -07:00
Kubernetes Submit Queue
a1344cb0d5 Merge pull request #65187 from kwmonroe/feature/goal-state-status
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

juju charms: set more accurate status based on goal_state

**What this PR does / why we need it**:
Use juju goal-state to report more accurate charm status.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes https://github.com/juju-solutions/bundle-canonical-kubernetes/issues/593

**Special notes for your reviewer**:
The goal-state hook tool was released in juju 2.4.  For deployments on earlier versions of juju, this will fall back to the current status reporting behavior.

**Release note**:

```release-note
Report accurate status for kubernetes-master and -worker charms.
```
2018-06-21 19:39:57 -07:00
xiechengsheng
66e0b53c3c fix some typos
Signed-off-by: xiechengsheng <XIE1995@whut.edu.cn>
2018-06-22 09:26:14 +08:00
Kubernetes Submit Queue
300f4915f3 Merge pull request #65216 from wojtek-t/log_long_iptables_operations
Automatic merge from submit-queue (batch tested with PRs 65152, 65199, 65179, 64598, 65216). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Log long operations on iptables

Ref #48107
2018-06-21 18:20:19 -07:00
Kubernetes Submit Queue
f7de67a191 Merge pull request #64598 from MikeSpreitzer/fix-63608-b
Automatic merge from submit-queue (batch tested with PRs 65152, 65199, 65179, 64598, 65216). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Remove optimization from getWork in resourcequota/controller.go

**What this PR does / why we need it**:
This change simplifies the code in
plugin/pkg/admission/resourcequota/controller.go by removing the
optimization in getWork that required the caller to NOT call
completeWork if getWork returns the empty list of work.  BTW, the
caller was not obeying that requirement; now the caller's behavior
(which is unchanged) is right.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #63608 

**Special notes for your reviewer**:
This is a simpler alternative to #64377 

**Release note**:

```release-note
NONE
```
2018-06-21 18:20:15 -07:00
Kubernetes Submit Queue
80da69b07f Merge pull request #65179 from shyamjvs/reduce-service-endpoints-in-load-test
Automatic merge from submit-queue (batch tested with PRs 65152, 65199, 65179, 64598, 65216). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Make no. of services in load test configurable

Experimenting with https://github.com/kubernetes/kubernetes/issues/48107#issuecomment-398018717

/cc @wojtek-t 

```release-note
NONE
```

/kind bug
/sig scalability
/priority important-soon
2018-06-21 18:20:12 -07:00
Kubernetes Submit Queue
01bc75c291 Merge pull request #65199 from tallclair/maxage
Automatic merge from submit-queue (batch tested with PRs 65152, 65199, 65179, 64598, 65216). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix MaxAge default audit log option

Fix typo in flag default.

```release-note
NONE
```
2018-06-21 18:20:09 -07:00
Kubernetes Submit Queue
af1450df24 Merge pull request #65152 from alvaroaleman/vsphere-control-plane-on-cloud
Automatic merge from submit-queue (batch tested with PRs 65152, 65199, 65179, 64598, 65216). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Do not query for VMUUID in vsphere cloud provider if it was explicitly passed

**What this PR does / why we need it**:

It allows running the kube controller-manager with the vsphere cloudprovider enabled on a machine that is not a vmware VM

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #65145

**Special notes for your reviewer**:

**Release note**:

```release-note
In the vSphere cloud provider the `Global.vm-uuid` configuration option is not deprecated anymore, it can be used to overwrite the VMUUID on the controller-manager
```

/sig vmware
2018-06-21 18:20:05 -07:00