Automatic merge from submit-queue (batch tested with PRs 55233, 55927, 55903, 54867, 55940). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Enhance kubeadm markmaster
**What this PR does / why we need it**:
This PR is part of the effort for improving kubeadm phases, and more specifically improves `mark-master` phase by implementing a behaviour similar to `kubeadm init`, that is:
- dynamically initialise node name if not provided
- allow to override with `--node-name` flag or with `--config`
Also reference doc for `mark-master` was improved.
**Which issue(s) this PR fixes**
part of the effort for [#454](https://github.com/kubernetes/kubeadm/issues/454)
part of the effort for [#265](https://github.com/kubernetes/kubeadm/issues/265)
**Special notes for your reviewer**:
Alpha disclaimer aligned to change requested on the website.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54647, 55581). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove redundant code in ValidateDiscovery
Signed-off-by: yuexiao-wang <wang.yuexiao@zte.com.cn>
**What this PR does / why we need it**:
Remove redundant code in ValidateDiscovery.
It deplicated check for DiscoveryToken and DiscoveryFile as follows:
func ValidateDiscovery(c *kubeadm.NodeConfiguration, fldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{}
if len(c.DiscoveryToken) != 0 {
allErrs = append(allErrs, ValidateToken(c.DiscoveryToken, fldPath)...)
}
if len(c.DiscoveryFile) != 0 {
allErrs = append(allErrs, ValidateDiscoveryFile(c.DiscoveryFile, fldPath)...)
}
allErrs = append(allErrs, ValidateArgSelection(c, fldPath)...)
allErrs = append(allErrs, ValidateToken(c.TLSBootstrapToken, fldPath)...)
allErrs = append(allErrs, ValidateJoinDiscoveryTokenAPIServer(c, fldPath)...)
if len(c.DiscoveryToken) != 0 {
allErrs = append(allErrs, ValidateToken(c.DiscoveryToken, fldPath)...)
}
if len(c.DiscoveryFile) != 0 {
allErrs = append(allErrs, ValidateDiscoveryFile(c.DiscoveryFile, fldPath)...)
}
return allErrs
}
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
cc @luxas
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 55868, 55393, 55152, 55849). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Improve documentation for kubeadm preflight command
**What this PR does / why we need it**:
This PR is part of the effort for improving kubeadm reference doc (CLI, website, manpages), and more specifically improves documentation for `kubeadm alpha phase preflight`
**Which issue(s) this PR fixes**:
part of the effort for [#265](https://github.com/kubernetes/kubeadm/issues/265)
**Special notes for your reviewer**:
The PR has two commits:
- `Clone documentation utility from //pkg/kubectl/cmd/templates`, that re-implements in kubeadm some kubectl utilities for handling description and examples for cobra.commands; more PR will follow re-using those utilities. NB. I was forced to add an exception to golint because `blackfriday.Renderer` requires to implement an interface that is not compliant
- `kubeadm-doc-preflight` that implements improvement to `kubeadm alpha phase preflight`
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 55798, 49579, 54862, 55188, 51990). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm: Create dnsIP by selecting the tenth IP from k8s svc CIDR
**What this PR does / why we need it**:
Creates dnsIP by selecting the ninth IP from k8s svc cluster IP, instead of appending 0 to the k8s svcIP string.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#51997
**Special notes for your reviewer**:
This is helpful when we have service cluster range CIDR as 10.87.116.64/26 (for example), previously this would have failed while parsing the dnsIP, as we used to append a 0 to the k8s svc clusterIP string. This will get the same dnsIP 10.96.0.10 for very widely used service cluster range CIDR 10.96.0.0/12
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 55798, 49579, 54862, 55188, 51990). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix a grammatical problem in a comment
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 55682, 55444, 55456, 55717, 55131). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm: fix crictl command for reset
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
**What this PR does / why we need it**:
This PR is fixing kubeadm reset, we used the wrong command pipeline now that crictl has a new version out. This version targets kube master (1.9-dev) so this is the right fix.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
Fix kubeadm reset crictl command
```
@luxas PTAL
Automatic merge from submit-queue (batch tested with PRs 55764, 55683, 55468, 54409, 55546). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm join: Error out if CA pinning isn't used or opted out of
Signed-off-by: yuexiao-wang <wang.yuexiao@zte.com.cn>
**What this PR does / why we need it**:
convert the warning to an error in kubeadm
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes https://github.com/kubernetes/kubeadm/issues/534
**Special notes for your reviewer**:
/cc @mattmoyer
**Release note**:
```release-note
[action required] kubeadm join: Error out if CA pinning isn't used or opted out of
* kubeadm now requires the user to specify either the `--discovery-token-ca-cert-hash` flag or the `--discovery-token-unsafe-skip-ca-verification` flag.
```
Automatic merge from submit-queue (batch tested with PRs 55648, 55274, 54982, 51955, 55639). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm:Clean up no longer used k8sVersion param
**What this PR does / why we need it**:
cleanup for kubeadm.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
**Special notes for your reviewer**:
/cc @luxas
**Release note**:
```release-note
NONE
```
~~`kubeadm join` now requires the `--discovery-token-ca-cert-hash` argument to be set, or the `--discovery-token-unsafe-skip-ca-verification` flag to be set for opting out of the CA pinning feature.~~
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm: Conditionally mount flexvolume
**What this PR does / why we need it**:
See https://github.com/kubernetes/kubeadm/issues/476
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes https://github.com/kubernetes/kubeadm/issues/476
```release-note
kubeadm: Fix a bug on some OSes where the kubelet tried to mount a volume path that is non-existent and on a read-only filesystem
```
/cc @luxas
Automatic merge from submit-queue (batch tested with PRs 55594, 47849, 54692, 55478, 54133). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add kubeadm alpha phase kubeconfig option(--output)
**What this PR does / why we need it**:
This PR will add --output option to `kubeadm alpha phase kubeconfig [command]`
This option can change output directory of kubeconfig.
Prev: kubeadm alpha phase kubeconfig admin
we can get admin.conf in /etc/kubernetes/ .
This PR: kubeadm alpha phase kubeconfig admin --output /root
we can get admin.conf in /root/ .
Of course, --output is optional.(default directory is /etc/kubernetes)
Note)
I have no confidence about my test code.
Thank you.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm enable endpoint-reconciler for HA clusters
**What this PR does / why we need it**:
enable endpoint-reconciler on kube-apiserver when creating HA clusters with kubeadm
**Which issue(s) this PR fixes**:
[#529](https://github.com/kubernetes/kubeadm/issues/529)
**Special notes for your reviewer**:
CC @luxas
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 53337, 55465, 55512, 55522, 54554). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Wording in missing config from cluster response typo.
**What this PR does / why we need it**:
Resolves a typo in the response message for Kubeadm Upgrade Plan that results in the wording:
"Without this information, 'kubeadm upgrade' don't how to configure your upgraded cluster."
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
none
**Special notes for your reviewer**:
none
**Release note**:
```release-note
Correct wording of kubeadm upgrade response for missing ConfigMap.
```
This patch contains wording, punctuation and capitalization fixes
for stdout messages in most kubeadm 'cmd' files.
Also includes changes in '/phases' and '/upgrade' for
consistency.
Signed-off-by: Lubomir I. Ivanov <lubomirivanov@vmware.com>
Automatic merge from submit-queue (batch tested with PRs 55380, 55399, 55377, 55055). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm: use the CRI for preflights checks
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
**What this PR does / why we need it**:
Add preflights checks to be performed using `crictl` and the kubernetes CRI instead of relying on docker.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes https://github.com/kubernetes/kubeadm/issues/285
**Special notes for your reviewer**:
**Release note**:
```release-note
kubeadm: use the CRI for preflights checks
```
@luxas PTAL
Automatic merge from submit-queue (batch tested with PRs 55380, 55399, 55377, 55055). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use const instead of hard-code for kubeadm usages
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
/cc @luxas
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 55380, 55399, 55377, 55055). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm: Make swap check as an error
**What this PR does / why we need it**:
Based on amount of support issues where warning about enabled
swap not noticed or ignored, it will be better to make this
check as an error.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
**Special notes for your reviewer**:
cc @luxas
attention @jpbetz : this change planned to be also cherrypicked to 1.8 branch.
/area kubeadm
/sig cluster-lifecycle
**Release note**:
```release-note
kubeadm now produces error during preflight checks if swap is enabled. Users, who can setup kubelet to run in unsupported environment with enabled swap, will be able to skip that preflight check.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use volumeutil.LoadPodFromFile for pod spec
**What this PR does / why we need it**:
Minor cleanup.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
/cc @luxas
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Move core API to pkg/apis/core
Fixes https://github.com/kubernetes/kubernetes/issues/55304.
This moves the types in pkg/api and most of pkg/api/v1 to pkg/apis/core to match the other api groups, following-up on what https://github.com/kubernetes/kubernetes/pull/44784 did for the external types.
It's a nearly 100% mechanical package move with a number of trivial fixups in code-generators and in tests which do string comparisons of types via reflection.
**Most importantly:**
- group names are unchanged
- apimachinery semantics are unchanged
- the outside api is unchanged.
Note that some packages for helpers are left in pkg/api/v1. Splitting them into helpers which belong tightly to the api and those which are not is left to follow-ups.
@kubernetes/sig-api-machinery-pr-reviews
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm: Extended KubeletVersionCheck
**What this PR does / why we need it**:
KubeletVersionCheck now able to detect if kubelet version
is higher than control plane. As this might lead to malfunctional
cluster setups, kubeadm will give warning.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixeskubernetes/kubeadm#496
**Special notes for your reviewer**:
/sig cluster-lifecycle
/area kubeadm
**Release note**:
```release-note
- kubeadm will produce error if kubelet too new for control plane
```
Automatic merge from submit-queue (batch tested with PRs 54493, 52501, 55172, 54780, 54819). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add CoreDNS as feature in kubeadm
**What this PR does / why we need it**:
This PR adds CoreDNS as a DNS plugin via the feature-gate option in Kubeadm init.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
Fixeskubernetes/features#427
**Special notes for your reviewer**:
**Release note**:
```release-note
kubeadm: Add an experimental mode to deploy CoreDNS instead of KubeDNS
```
/cc @johnbelamaric
KubeletVersionCheck now able to detect if kubelet version
is higher than control plane. As this might lead to malfunctional
cluster setups, kubeadm will give warning.
Fixes: kubernetes/kubeadm#496
