This patch introduces glusterfsPersistentVolumeSource addition
to glusterfsVolumeSource. All fields remains same as glusterfsVolumeSource
with an addition of a new field
called `EndpointsNamespace` to define namespace of endpoint in the
spec.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Debugging the CSI driver tests depends a lot on the output of the CSI
sidecar containers and the CSI driver, but that information was not
captured automatically and thus unavailable after a test run. This is
particularly bad when running in a remote CI system, but also manually
watching the cluster during a test was cumbersome.
Now pod events and log messages get copied to the test's output at the
time that they happen (when running without report directory) or get
written to individual log files (when running with report directory in
the CI).
Ensuring that CSI drivers get deployed for testing exactly as intended
was problematic because the original .yaml files had to be converted
into code. e2e/manifest helped a bit, but not enough:
- could not load all entities
- didn't handle loading .yaml files with multiple entities
- actually creating and deleting entities still had to be done in tests
The new framework utility code handles all of that, including the
tricky cleanup operation that tests got wrong (AfterEach does not get
called after test failures!).
In addition, it is ensuring that each test gets its own instance of the
entities.
The PSP role binding for hostpath is now necessary because we switch
from creating a pod directly to creation via the StatefulSet
controller, which runs with less privileges.
Without this, the hostpath test runs into these errors in the
kubernetes-e2e-gce job:
Oct 19 16:30:09.225: INFO: At 2018-10-19 16:25:07 +0000 UTC - event for csi-hostpath-attacher: {statefulset-controller } FailedCreate: create Pod csi-hostpath-attacher-0 in StatefulSet csi-hostpath-attacher failed error: pods "csi-hostpath-attacher-0" is forbidden: unable to validate against any pod security policy: []
Oct 19 16:30:09.225: INFO: At 2018-10-19 16:25:07 +0000 UTC - event for csi-hostpath-provisioner: {statefulset-controller } FailedCreate: create Pod csi-hostpath-provisioner-0 in StatefulSet csi-hostpath-provisioner failed error: pods "csi-hostpath-provisioner-0" is forbidden: unable to validate against any pod security policy: []
Oct 19 16:30:09.225: INFO: At 2018-10-19 16:25:07 +0000 UTC - event for csi-hostpathplugin: {daemonset-controller } FailedCreate: Error creating: pods "csi-hostpathplugin-" is forbidden: unable to validate against any pod security policy: []
The extra role binding is silently ignored on clusters which don't
have this particular role.
Provisioning test for retain policy requires each driver's backend volume
deletion logic. Without it, volume leakage happens. Move this test back
to volume_provisioning.go and test it only for gce, until general
backend volume deletion code for each driver becomes available.
Fixes: #70191
In some storage tests, kubelet is stopped first and the test check node
NotReady state. However, if it fails to have this state, kubelet could
not be restarted because the defer function is placed after the stop
kubelet command. This PR fixes this issue.
Not all users of the E2E framework want to run cloud-provider specific
tests. By splitting out the code it becomes possible to decide in
a E2E test suite which providers are supported.
This is achieved in two ways:
- the framework calls certain functions through a provider
interface instead of calling specific cloud provider functions
directly
- tests that are cloud-provider specific directly import the
new provider packages
The ingress test utilities are only needed by a few tests. Splitting
them out into a separate package makes the framework simpler for test
suites not using those tests.
Fixes: #66649
When facing an issue which is due to lack of PV/PVC Protection
finalizer on the e2e tests, the error message is just like
Expected
<bool>: false
to be true
Actually we cannot understand what happened during the tests.
This adds more debugging info on the tests.
Tests shouldn't have to use the central context for their settings,
because conceptually tests and framework get developed independently.
This does not yet use the new framework/config utility code because
that code still needs to be reviewed.
Besides moving the flags, they also get renamed from the top-level
"--csiImage{Version|Registry}" to
"--storage.csi.image.{version|registry}". These flags were introduced
fairly recently and shouldn't be in use much, so now is a good time to
introduce a hierarchical naming for storage flags, in particular
because more flags will be added soon.
The new test/e2e/framework/testfiles package makes it possible to
write tests that do not depend on a specific way of providing
additional test files at runtime. Such tests and the framework are
then more easily reused in other test suites.
In the test/e2e suite file access is enabled based on the existing
"repo-root" command line parameter and the built-in bindata. Tests
using the new API will first check for files under "repo-root" and
then fall back to the builtin data. This way, users of a test binary
can modify those files without having to rebuild the binary.
"repo-root" is still needed because at least some tests check for
additional files (secret.yaml, via ingress_utils.go) that are not part
of the upstream source code and thus may or may not be built into a
test binary.
Tests using bindata or repo-root directly get modified to use the new
API, or removed when they are obsolete: test/e2e/examples.go depended
on files that were removed in
https://github.com/kubernetes/kubernetes/pull/61246 and thus can no
longer be run in Kubernetes. Moving the tests to kubernetes/examples
is tracked in https://github.com/kubernetes/examples/issues/214.
The file removal did not break the automated E2E testing probably
because the tests are under the Feature:Example tag and thus not
enabled during normal CI runs.
Removing also the obsolete tests makes it simpler to rework the
"repo-root" setting because less code uses it.
Related-to: #66649 and #23987
Bootstrap initializes the necessary vSphere objects before the tests are
run. A call to Bootstrap was missing in persistent_volumes-vsphere.go's
BeforeEach. This results in Panic while running e2e tests for 'vsphere'
provider with a stack trace like this:
/usr/local/go/src/runtime/panic.go:502 +0x229
github.com/docker/kube-e2e-image/vendor/k8s.io/kubernetes/test/e2e/storage/vsphere.glob..func1.1()
/go/src/github.com/docker/kube-e2e-image/vendor/k8s.io/kubernetes/test/e2e/storage/vsphere/persistent_volumes-vsphere.go:77
+0xa21
github.com/docker/kube-e2e-image/vendor/github.com/onsi/ginkgo/internal/leafnodes.(*runner).runSync(0xc4217c9b60,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
/go/src/github.com/docker/kube-e2e-image/e2e_test.go:88 +0x2c8
testing.tRunner(0xc4206e01e0, 0x4212900)
/usr/local/go/src/testing/testing.go:777 +0xd0
created by testing.(*T).Run
/usr/local/go/src/testing/testing.go:824 +0x2e0
This change fixes the Panic by calling Bootstrap.
Testing:
After this change, tests with FOCUS set to "PersistentVolumes:vsphere"
dont Panic. They pass as expected.
Signed-off-by: Anusha Ragunathan <anusha.ragunathan@docker.com>
Normally the pod would get created via a DaemonSet controller, but
during testing it is easier to create it directly. We just need to
ignore errors (like 'No API token found for service account
"csi-service-account"') and retry for a while. If the error persists,
the error will still abort and report it eventually.
This problem also occurs elsewhere, so an utility function in the
framework for it seems justified.
Fixes: #68776
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md.
CSI Node info registration in kubelet
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#67683
**Special notes for your reviewer**:
Feature issue: https://github.com/kubernetes/features/issues/557
Design doc: https://github.com/kubernetes/community/pull/2034
Missing pieces:
* CSI client retry and exponential backoff logic.
* CSINodeInfo object validation
* e2e test with all the CSI machinery.
An RBAC rule is also added to support external-provisioner topology updates.
**Release note**:
```release-note
Registers volume topology information reported by a node-level Container Storage Interface (CSI) driver. This enables Kubernetes support of CSI topology mechanisms.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md.
Fix gce localssd pv tests
**What this PR does / why we need it**:
When running local PV tests against GCE local SSD, it directly uses the disk so doesn't need to create a tmp dir like the other test formats. Fsgroup tests do not create test-file so don't error on cleanup if the file doesn't exist.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#68308
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 68161, 68023, 67909, 67955, 67731). If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md.
CSI: skip attach for non-attachable drivers
**What this PR does / why we need it**:
This is implementation of https://github.com/kubernetes/community/pull/2523. CSI volumes that don't need attach/detach now don't need external attacher running.
WIP:
* contains #67803 to get CSIDriver API. Ignore the first commit.
* ~~missing e2e test~~
/sig storage
cc: @saad-ali @vladimirvivien @verult @msau42 @gnufied @davidz627
**Release note**:
```release-note
CSI volume plugin does not need external attacher for non-attachable CSI volumes.
```
Automatic merge from submit-queue (batch tested with PRs 68161, 68023, 67909, 67955, 67731). If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md.
Replace git volume with configmap in emptydir wrapper conflict test
**What this PR does / why we need it**: GitRepoVolumeSource is deprecated, use a ConfigMap instead. (This test is part of the conformance suite, so it would be good to allow downstreams to disable/not support gitRepo)
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 67736, 68123, 68138). If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md.
Update external provisioner test to use latest nfs-provisioner
**What this PR does / why we need it**: latest nfs-provisioner will work with cri-containerd, so let's update it
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**: I want to move this test to use nfs-client-provisioner soon anyway since a lot of our e2e tests already use a containerized nfs server and it would be good to be consistent. So this can be treated as something of a stopgap but it would be nice to have ASAP to unblock https://github.com/kubernetes-incubator/external-storage/issues/432#issuecomment-417511065
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md.
Fix hostpath subpath reconstruction tests are failing
**What this PR does / why we need it**:
Fix hostpath subpath reconstruction tests are failing
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes: #68093
**Special notes for your reviewer**:
/sig storage
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md.
Fix multizone gce pd subpath test
**What this PR does / why we need it**:
The format pod for readonly tests also needs to fill in the NodeSelector for inline gce pd volumes.
Also rename "gce" driver to "gcepd"
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#68085
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 67368, 59930, 68074). If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md.
Fix subpath tests not to fail in namespace deletion
**What this PR does / why we need it**:
This PR fixes below subpath test not to fail in namespace deletion
- subPath should support restarting containers using directory as subpath
- subPath should support restarting containers using file as subpath
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes: #68073
**Special notes for your reviewer**:
/sig storage
/sig testing
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 67764, 68034, 67836). If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md.
Remove feature tag from dynamic provisioning topology tests
**What this PR does / why we need it**:
Now that the feature has been moved to beta, remove feature tag to let it run in the standard CI suite.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
This commit fixes below subpath test not to fail in namespace deletion
- subPath should support restarting containers using directory as subpath
- subPath should support restarting containers using file as subpath
Fixes: #68073
Automatic merge from submit-queue (batch tested with PRs 66577, 67948, 68001, 67982). If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md.
Refactor volume test in a similar way to csi tests
Refactoring for non-csi e2e test similar to below commit in csi e2e test.
4d11dab272 (diff-0d9ecaa3e6a0297186ad33f57aad472e)
Scopes for this refactoring are below three files:
- test/e2e/storage/volumes.go
- test/e2e/storage/volume_io.go
- test/e2e/storage/persistent_volumes-volumemode.go
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#66571
**Special notes for your reviewer**:
/sig storage
@davidz627 @msau42 @jsafrane
**Release note**:
```release-note
NONE
```
Refactoring for non-csi e2e test similar to below commit in csi e2e test.
4d11dab272 (diff-0d9ecaa3e6a0297186ad33f57aad472e)
Scopes for this refactoring are below four files:
- test/e2e/storage/volumes.go
- test/e2e/storage/volume_io.go
- test/e2e/storage/persistent_volumes-volumemode.go
- test/e2e/storage/subpath.go
fixes: #66571
Automatic merge from submit-queue (batch tested with PRs 67332, 66737, 67281, 67173). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
storage e2e test: remove race when setting up loopback device
CI has shown occasional failures stemming from an -EBUSY when
test/e2e/storage/persistent_volumes-local.go aka "PersistentVolumes-local"
attempts to do losetup.
Looking at the code, it has a clear race between querying the current
free loopback device and later explicitly attempting to loopback setup a
file at the queried device node. Losetup nowadays includes the logic to
handle this for the user, if the '-f' option is used instead of naming
the desired target loopback device explicitly. It is safe to presume
a suitable losetup is present as the '-f' option is used elsewhere in
the test, and it is safe to not record the allocated device, as it is
already queried on the fly elsewhere in the test ahead of other commands
which need to know an already created loopback device's node name.
This patch should result in less flakes for this test case.
Signed-off-by: Tim Pepper <tpepper@vmware.com>
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Error in return value should be tested and fix Description Info in e2e test
**What this PR does / why we need it**:
1. Error in return value should be tested
2. fix Description Info
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Just after creating a PV, its phase is "Pending" and its finalizers
doesn't contain "kubernetes.io/pv-protection". If the e2e test performs
so faster than the target k8s cluster, the test fails because the PV is
not ready. This adds WaitForPersistentVolumePhase() for waiting the
phase "Available" to avoid such situation.
Currently, the PVC protection controller will remove its finalizer when
all Pods using a PVC reach at least a Terminating state. However,
certain volumes cannot be guaranteed to be umounted until a Pod is
deleted. Only Pods not in the current pods list can be considered
deleted, so we're removing the exception to not check Terminating Pods.
Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
End2End tests for DynamicVolumeProvisioning of EBS
**What this PR does / why we need it**:
Add end2end tests to exercise `DynamicProvisioningScheduling` features for EBS. The tests make sure `WaitForFirstConsumer` and `AllowedTopologies` specified in a EBS storage class has the desired effect.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
Tests features added to 217a3d8902
**Release note**:
```
NONE
```
/sig storage
/assign @msau42 @jsafrane
CI has shown occasional failures stemming from an -EBUSY when
test/e2e/storage/persistent_volumes-local.go aka "PersistentVolumes-local"
attempts to do losetup.
Looking at the code, it has a clear race between querying the current
free loopback device and later explicitly attempting to loopback setup a
file at the queried device node. Losetup nowadays includes the logic to
handle this for the user, if the '-f' option is used instead of naming
the desired target loopback device explicitly. It is safe to presume
a suitable losetup is present as the '-f' option is used elsewhere in
the test, and it is safe to not record the allocated device, as it is
already queried on the fly elsewhere in the test ahead of other commands
which need to know an already created loopback device's node name.
This patch should result in less flakes for this test case.
Signed-off-by: Tim Pepper <tpepper@vmware.com>
Use the same pattern everywhere in the e2e test
harness, use busybox (from dockerhub) instead
of using the one from k8s.gcr.io registry.
Change-Id: I57c3b867408c1f9478a8909c26744ea0368ff003
Automatic merge from submit-queue (batch tested with PRs 66933, 66925). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Rework multi-volume test to use StatefulSet
**What this PR does / why we need it**:
The e2e test that got added as part of https://github.com/kubernetes/kubernetes/pull/66832 fails in a multi-zone environment because the volumes get provisioned in random zones. This PR reworks the test to use StatefulSet instead, which handles provisioning multiple PVCs in the same zone.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 64645, 66832). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Detect if GCE PD udev link is wrong and try to correct it
**What this PR does / why we need it**:
udev can miss scsi events and not update device links properly when disks are detached and reattached to the same node in a different order. This PR workarounds the issue by comparing the udev link name, which is the PD disk name, with the scsi disk serial number returned from scsi_id, and prevents mounting of the disk if the link is wrong. It will also run `udevadm trigger` on the disk to try to correct the bad link.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
This fix prevents a GCE PD volume from being mounted if the udev device link is stale and tries to correct the link.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Part 1: Allowing volumes to choose when to use securityContext
This PR is the result of [splitting this PR]( https://github.com/kubernetes/kubernetes/pull/65793) into 2 sections:
1) This part, addressing the refactor so eligible-test-for-conformance can use get rid of privileged security context.
2) a second part that will address the promotion of the testcases to be in conformance suite.
Changes:
a) demoted privileged mode for these tests (not needed)
b) regular tests (the other ones existing in the file) will still be using privileged security context.
b) adding privilegedSecurityContext field to VolInfo, so each volume-flavor can let the test know if the security context has to be privileged or not.
This allows granular changes and updates per volume).
this PR is the result of splitting https://github.com/kubernetes/kubernetes/pull/65793 into 2 sections
1) This part, addressing the refactor so eligible-test-for-conformance can use get rid of privileged security context.
2) a second part that will address the promotion of the testcases to be in conformance suite
Changes:
a) demoted privileged mode for these tests (not needed)
b) regular tests (the other ones existing in the file) will still be using privileged security context.
c) adding privilegedSecurityContext field to VolInfo, so each volume-flavor can let the test know if the security context has to be privileged or not.
This allows granular changes and updates per volume).
d) fixing formatting issue.
Automatic merge from submit-queue (batch tested with PRs 66341, 66405, 66403, 66264, 66447). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Bump subpath test pod timeout to 5 minutes
Fixes: #66376
It seems that sometimes `Attach` on GCP side can take multiple minutes (when recently detached from another node) and therefore the old timeout of 1 minute is not long enough. 5 minutes is standard elsewhere and seems to be long enough for the long tail of GCE Attach time.
Also the ext4 test was really hard to debug because all the old PD tests call all the pods "pd-injector" and all the volume mounts "pd-volume." Made a change to make that more readable by adding a length 4 random string suffix.
/kind flake
/sig storage
/assign @msau42
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 66172, 66254). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Reverting commit #56600 as GCE PD is allocated in chunks of GiB inste…
**What this PR does / why we need it:**
This PR reverts the changes made in commit https://github.com/kubernetes/kubernetes/pull/56600 which considered GCE PDs are allocated in chunks of GBs. The following set of operations demonstrate the allocation is in GiBs.
Manually create a PD in GB, and manually attach it to a node:
```
$ gcloud compute disks create msau-test --zone=us-central1-b --size=1GB
```
Run lsblk on it, and it shows the bytes of the disk are 1GiB:
```
$ lsblk -b
sdc 8:32 0 1073741824 0 disk
```
**Which issue(s) this PR fixes**:
[65285](https://github.com/kubernetes/kubernetes/issues/65285)
**Special notes for your reviewer**:
```release-note
none
```
Automatic merge from submit-queue (batch tested with PRs 63877, 64559, 65952). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Typo fix in the returned message: dynamicly->dynamically
Line 541: a typo in the returned message:
dynamicly->dynamically
Automatic merge from submit-queue (batch tested with PRs 66064, 66040). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Re-enable write-read pv check in volume provisioning tests
**What this PR does / why we need it**: Except for the recently-added CSI tests, every test that uses testDynamicProvisioning in volume_provisioning has been skipping the
`By("checking the created volume is writable and has the PV's mount options")`
and
`By("checking the created volume is readable and retains data")`
steps due to an unintentional change in https://github.com/kubernetes/kubernetes/pull/59879
**Special notes for your reviewer**: The 'attach' variable name is not descriptive at all, default behaviour is unclear. Tests will take longer of course, but that was always the intention, to not only test provisioning of PV is according to PVC but that you can actually r/w it (hence e2e).
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add local volume pod affinity tests.
**What this PR does / why we need it**:
Add local volume pod affinity tests.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#56100 (with already merged prs #59682, #60260)
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 64593, 65117, 65629, 65827, 65686). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add e2e tests for volumeMode of persistent volume
This set of e2e tests is to confirm that persistent volume works well for all volumeModes.
Coverage of the tests are shown in the figure of [Test cases], below.
Once implementation policy is confirmed to be good, we can add plugins and test cases to this.
[Test cases]
```
# plugin volumeMode Test case Expectation
--- ---------- -------------- ------------------------------------------------------ ------------
1 iSCSI Block (a) Create Pod with PV and confirm Read/Write to PV Success
2 iSCSI Block (b) Create Pod and restart kubelet and confirm PV Success
3 iSCSI Block (c) Create Pod and restart kubelet while deleting PV Success
4 iSCSI FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
5 iSCSI FileSystem (b) Create Pod and restart kubelet and confirm PV Success
6 iSCSI FileSystem (c) Create Pod and restart kubelet while deleting PV Success
7 RBD Block (a) Create Pod with PV and confirm Read/Write to PV Success
8 RBD Block (b) Create Pod and restart kubelet and confirm PV Success
9 RBD Block (c) Create Pod and restart kubelet while deleting PV Success
10 RBD FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
11 RBD FileSystem (b) Create Pod and restart kubelet and confirm PV Success
12 RBD FileSystem (c) Create Pod and restart kubelet while deleting PV Success
13 CephFS Block (a) Create Pod with PV and confirm Read/Write to PV Fail
14 CephFS FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
15 CephFS FileSystem (b) Create Pod and restart kubelet and confirm PV Success
16 CephFS FileSystem (c) Create Pod and restart kubelet while deleting PV Success
17 NFS Block (a) Create Pod with PV and confirm Read/Write to PV Fail
18 NFS FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
19 NFS FileSystem (b) Create Pod and restart kubelet and confirm PV Success
20 NFS FileSystem (c) Create Pod and restart kubelet while deleting PV Success
```
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#56803
**Special notes for your reviewer**:
/sig storage
@gnufied @rootfs @jsafrane @jeffvance
This PR is intend to reflect the comments for the below PR.
https://github.com/kubernetes/kubernetes/pull/56804
**Release note**:
```release-note
NONE
```
This set of e2e tests is to confirm that persistent volume works well for all volumeModes.
Coverage of the tests are shown in the figure of [Test cases], below.
Once implementation policy is confirmed to be good, we can add plugins and test cases to this.
[Test cases]
# plugin volumeMode Test case Expectation
--- ---------- -------------- ------------------------------------------------------ ------------
1 iSCSI Block (a) Create Pod with PV and confirm Read/Write to PV Success
2 iSCSI FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
3 RBD Block (a) Create Pod with PV and confirm Read/Write to PV Success
4 RBD FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
5 CephFS Block (a) Create Pod with PV and confirm Read/Write to PV Fail
6 CephFS FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
7 NFS Block (a) Create Pod with PV and confirm Read/Write to PV Fail
8 NFS FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
fixes: #56803
Automatic merge from submit-queue (batch tested with PRs 65064, 65218, 65260, 65241, 64372). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Added attach/mount/check steps to CSI Driver E2E tests
This PR makes the CSI Volume E2E tests actually go through the entire dynamic provisioning pipeline and test attach/mount/check file etc.
Fixes#64927
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 65187, 65206, 65223, 64752, 65238). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fixed detection of inaccessible AWS encryption key.
AWS provisioner now checks if created encrypted volume gets "Available" or it gets silently deleted by AWS because StorageClass referenced invalid (e.g. non-existing) KMS key for encryption.
This seems to be the only way how to detect such invalid key, because Kubernetes may not have enough permission to check if the key exists.
**Which issue(s) this PR fixes**
Fixes#62171
**Special notes for your reviewer**:
**Release note**:
```release-note
AWS now checks for validity of ecryption key when creating encrypted volumes. Dynamic provisioning of encrypted volume may get slower due to these checks.
```
/sig aws
/sig storage
@kubernetes/sig-aws-misc
Automatic merge from submit-queue (batch tested with PRs 65123, 65176, 65139, 65084, 65056). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Enable dynamic provisioning tests on AWS.
The tests are not slow, they finish on GCE in ~46 seconds and on AWS
in ~103 seconds.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 64416, 63625, 60967, 64767, 64588). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove Feature:Volume from tests
These tests don't depend on any alpha/beta feature and they have correct `SkipUnlessProviderIs` tests so they run only on proper cloud.
/kind feature
/sig storage
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60699, 63780). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
e2e/storage: parameterize container images
**What this PR does / why we need it**:
The CSI integration test for hostpath was hard-coded to use the latest
stable release of the sidecar and hostpath container images. This
makes sense for regression testing of changes made in Kubernetes
itself, but the same test is also useful for testing the "canary"
images on quay.io before tagging them as a new release or for testing
locally produced images. Both is now possible via command line
parameters.
**Which issue(s) this PR fixes**:
Related-to: kubernetes-csi/docs#23
**Special notes for your reviewer**:
The commit message has usage instructions.
```release-note
NONE
```
/sig storage
Automatic merge from submit-queue (batch tested with PRs 63348, 63839, 63143, 64447, 64567). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add block volume support to internal provisioners.
**What this PR does / why we need it**:
Internal provisioners now create filesystem PVs when block PVs are requested. This leads to unbindable PVCs.
In this PR, volume plugins that support block volumes provision block PVs when block is requested. All the other provisioners return clear error in `kubectl describe pvc`:
```
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning ProvisioningFailed 7s (x2 over 18s) persistentvolume-controller Failed to provision volume with StorageClass "standard": kubernetes.io/cinder does not support block volume provisioning
```
```release-note
NONE
```
cc @kubernetes/vmware for vsphere changes
cc @andyzhangx for Azure changes
/assign @copejon @mtanino
Automatic merge from submit-queue (batch tested with PRs 62460, 64480, 63774, 64540, 64337). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Modified regional PD test to fetch template name from GCE
**What this PR does / why we need it**: Previously, the regional PD failover e2e test assumes a specific relationship between the names of an instance group and its corresponding template. It turns out to not always hold true for different types of clusters. Instead, the test should fetch the correct template name by calling out to GCE.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Part of #59988
Need to cherry pick this back to 1.10 along with #64223
**Release note**:
```release-note
NONE
```
/assign @saad-ali @wojtek-t
/sig storage
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Move Ceph server secret creation to common code.
The secret should be created only on one place.
**Release note**:
```release-note
NONE
```
@jeffvance @copejon @rootfs @msau42 PTAL
Putting the command line argument handling into the central test
context seems like the better solution, in particular considering that
argument handling might get changed in the future to use Viper.
Automatic merge from submit-queue (batch tested with PRs 64174, 64187, 64216, 63265, 64223). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Moving Regional PD e2e tests to regular test suites
**What this PR does / why we need it**: Regional PD e2e tests previously only run on alpha suites. Need to move them to the regular test suites
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Part of #59988
**Special notes for your reviewer**: Will be cherry-picked to 1.10 once merged.
**Release note**:
```release-note
NONE
```
/sig gcp
/sig storage
/assign @msau42 @saad-ali
Automatic merge from submit-queue (batch tested with PRs 64013, 63896, 64139, 57527, 62102). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Setup fsGroup for local volumes correctly
**What this PR does / why we need it**:
This pr fixes fsGroup check in local volume in containerized kubelet. Except this, it also fixes fsGroup check when volume source is a normal directory whether kubelet is running on the host or in a container.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61741
**Special notes for your reviewer**:
Bind mounts are detected in `/proc/mounts`, but it does not contain root of mount for bind mounts. So `mount.GetMountRefsByDev()` cannot get all references if source is a normal directory. e.g.
```
# mkdir /tmp/src /mnt/dst
# mount --bind /tmp/src /tmp/src # required by local-volume-provisioner, see https://github.com/kubernetes-incubator/external-storage/pull/499
# mount --bind /tmp/src /mnt/dst
# grep -P 'src|dst' /proc/mounts
tmpfs /tmp/src tmpfs rw,nosuid,nodev,noatime,size=4194304k 0 0
tmpfs /mnt/dst tmpfs rw,nosuid,nodev,noatime,size=4194304k 0 0
# grep -P 'src|dst' /proc/self/mountinfo
234 409 0:42 /src /tmp/src rw,nosuid,nodev,noatime shared:30 - tmpfs tmpfs rw,size=4194304k
235 24 0:42 /src /mnt/dst rw,nosuid,nodev,noatime shared:30 - tmpfs tmpfs rw,size=4194304k
```
We need to compare root of mount and device in this case.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62756, 63862, 61419, 64015, 64063). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use apps/v1 Deployment/ReplicaSet in controller and kubectl
This updates the Deployment controller and integration/e2e tests to use apps/v1, as part of #55714.
This also requires updating any other components that use the `deployment/util` package, most notably `kubectl`. That means client versions 1.11 and above will only work with server versions 1.9 and above. This is well within our client-server version skew policy of +/-1 minor version.
However, this PR *only* updates the parts of `kubectl` that used `deployment/util`. So although kubectl now requires apps/v1, it still also depends on extensions/v1beta1. Migrating other parts of kubectl to apps/v1 is beyond the scope of this PR, which was just to change the Deployment controller and fix all the fallout.
```release-note
kubectl: This client version requires the `apps/v1` APIs, so it will not work against a cluster version older than v1.9.0. Note that kubectl only guarantees compatibility with clusters that are +/-1 minor version away.
```
The CSI integration test for hostpath was hard-coded to use the latest
stable release of the sidecar and hostpath container images. This
makes sense for regression testing of changes made in Kubernetes
itself, but the same test is also useful for testing the "canary"
images on quay.io before tagging them as a new release or for testing
locally produced images. Both is now possible via command line
parameters.
Testing "canary" images on quay.io:
go run hack/e2e.go -- --provider=local --test \
--test_args="--ginkgo.focus=CSI.plugin.test.using.CSI.driver..hostPath -csiImageVersion=canary"
Testing local container images:
# https://docs.docker.com/registry/deploying/
docker run -d -p 5000:5000 --restart=always --name registry registry:2
for i in driver-registrar drivers external-attacher external-provisioner; do
make -C $i REGISTRY_NAME=localhost:5000 push
done
go run hack/e2e.go -- --provider=local --test \
--test_args="--ginkgo.focus=CSI.plugin.test.using.CSI.driver..hostPath -csiImageVersion=canary -csiImageRegistry=localhost:5000"
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
passthrough readOnly to subpath
**What this PR does / why we need it**:
If a volume is mounted as readonly, or subpath volumeMount is configured as readonly, then the subpath bind mount should be readonly.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62752
**Special notes for your reviewer**:
**Release note**:
```release-note
Fixes issue where subpath readOnly mounts failed
```
Automatic merge from submit-queue (batch tested with PRs 63373, 63338). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Enable GCE/GKE e2e tests for GlusterFS Dynamic Provisioner.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 63421, 63432, 63333). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
update tests to be specific about the versions they are testing
When setting up tests, you want to rely on your own scheme. This eliminates coupling to floating versions which gives unnecessary flexibility in most cases and prevents testing all the versions you need.
@liggitt scrubs unnecessary deps.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62657, 63278, 62903, 63375). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add more volume types in e2e and fix part of them.
**What this PR does / why we need it**:
- Add dir-link/dir-bindmounted/dir-link-bindmounted/bockfs volume types for e2e tests.
- Fix fsGroup related e2e tests partially.
- Return error if we cannot resolve volume path.
- Because we should not fallback to volume path, if it's a symbolic link, we may get wrong results.
To safely set fsGroup on local volume, we need to implement these two methods correctly for all volume types both on the host and in container:
- get volume path kubelet can access
- paths on the host and in container are different
- get mount references
- for directories, we cannot use its mount source (device field) to identify mount references, because directories on same filesystem have same mount source (e.g. tmpfs), we need to check filesystem's major:minor and directory root path on it
Here is current status:
| | (A) volume-path (host) | (B) volume-path (container) | (C) mount-refs (host) | (D) mount-refs (container) |
| --- | --- | --- | --- | --- |
| (1) dir | OK | FAIL | FAIL | FAIL |
| (2) dir-link | OK | FAIL | FAIL | FAIL |
| (3) dir-bindmounted | OK | FAIL | FAIL | FAIL |
| (4) dir-link-bindmounted | OK | FAIL | FAIL | FAIL |
| (5) tmpfs| OK | FAIL | FAIL | FAIL |
| (6) blockfs| OK | FAIL | OK | FAIL |
| (7) block| NOTNEEDED | NOTNEEDED | NOTNEEDED | NOTNEEDED |
| (8) gce-localssd-scsi-fs| NOTTESTED | NOTTESTED | NOTTESTED | NOTTESTED |
- This PR uses `nsenter ... readlink` to resolve path in container as @msau42 @jsafrane [suggested](https://github.com/kubernetes/kubernetes/pull/61489#pullrequestreview-110032850). This fixes B1:B6 and D6, , the rest will be addressed in https://github.com/kubernetes/kubernetes/pull/62102.
- C5:D5 marked `FAIL` because `tmpfs` filesystems can share same mount source, we cannot rely on it to check mount references. e2e tests passes due to we use unique mount source string in tests.
- A7:D7 marked `NOTNEEDED` because we don't set fsGroup on block devices in local plugin. (TODO: Should we set fsGroup on block device?)
- A8:D8 marked `NOTTESTED` because I didn't test it, I leave it to `pull-kubernetes-e2e-gce`. I think it should be same as `blockfs`.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add tests for GlusterFS dynamic provisioner.
This bring up a heketi server pod and the server will be running
in mock mode, the PVC creation should work, however the volume
attachment to a pod and read/write is not part of this test. Due
to the same reason the tests are marked as [fast].
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
in mock mode, the PVC creation should work, however the volume
attachment to a pod and read/write is not part of this test. Due
to the same reason the tests are marked as [fast].
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
- Add PodStartShortTimeout and ClaimProvisionShortTimeout constants.
- Change framework.PodStartTimeout to framework.PodStartShortTimeout in
persistent_volumes-local.go. Busybox image is very small, no need to
wait for a long time.
Automatic merge from submit-queue (batch tested with PRs 62694, 62569, 62646, 61633, 62433). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add GCE-PD CSI Driver test to E2E test suite
Fixes: #60462
/sig storage
/kind technical-debt
/assign @saad-ali @msau42
**What this PR does / why we need it**:
This PR adds an E2E test for the GCE-PD CSI driver that deploys the driver in a production-like setting and tests whether dynamic provisioning with the driver is possible.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62694, 62569, 62646, 61633, 62433). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Report events to apiserver in local volume plugin.
**What this PR does / why we need it**:
See https://github.com/kubernetes/kubernetes/pull/62102#discussion_r179238429.
Report events to apiserver in local volume plugin.
- Add VolumeHost.GetEventRecorder() method
- Add related e2e tests
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62248
**Special notes for your reviewer**:
Example output of `kubectl describe pods`:
```
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 7s default-scheduler Successfully assigned e2e-tests-persistent-local-volumes-test-x4h5x/security-context-670da435-4174-11e8-9098-000c29bb0377 to 127.0.0.1
Warning AlreadyMountedVolume 7s kubelet, 127.0.0.1 The requested fsGroup is 4321, but the volume local-pvfbb76 has GID 1234. The volume may not be shareable.
Normal SuccessfulMountVolume 7s kubelet, 127.0.0.1 MountVolume.SetUp succeeded for volume "default-token-996xr"
Normal SuccessfulMountVolume 7s kubelet, 127.0.0.1 MountVolume.SetUp succeeded for volume "local-pvfbb76"
Normal Pulled 6s kubelet, 127.0.0.1 Container image "k8s.gcr.io/busybox:1.24" already present on machine
Normal Created 6s kubelet, 127.0.0.1 Created container
Normal Started 6s kubelet, 127.0.0.1 Started container
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62650, 62303, 62545, 62375). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Refactor subpath reconstruction tests to use util test
**What this PR does / why we need it**:
Use common util method for reconstruction tests so that test updates will be reflected in all e2es. Also increase termination grace period to allow more time for volume manager to cleanup before the tests check for leftover mounts
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62293
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62455, 62465, 62427, 62416, 62411). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Set slave mount propagation for local provisioner
**What this PR does / why we need it**:
Explicitly set slave mount propagation instead of assuming it's the default mode.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 46903, 61721, 62317). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove the use of storage class beta annotations in e2e tests.
**What this PR does / why we need it**:
Since we are going to remove storage class beta annotations, we'd like to remove the use of it in e2e tests to avoid upgrade test issues when it's finally removed.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
ref: https://github.com/kubernetes/kubernetes/pull/51440#discussion_r180290591
**Special notes for your reviewer**:
This should be cherry-picked to 1.10 as well. https://github.com/kubernetes/kubernetes/pull/51440#discussion_r178919464
/cc @msau42
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62192, 61866, 62206, 62360). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add CSI External Components ClusterRole to bootstrapped roles
Added CSI External Components ClusterRole to bootstrapped roles and removed creation from failing e2e test
Fixes: #61781
/sig storage
/kind bug
/assign @liggitt @saad-ali
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60197, 61614, 62074, 62071, 62301). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Adds e2e test for vpxd restart scenario in vSphere Cloud Provider
This PR adds a test to verify Volume access in a situation where VMware vCenter's `vpxd` service is down. The test mainly verifies Volume/file access before, during, and after restarting the `vpxd` service on the vCenter host.
See vmware/kubernetes#373 for more details.
**Reviewers note:** This PR was internally reviewed at vmware/kubernetes#468.
/cc @kubernetes/vmware
Automatic merge from submit-queue (batch tested with PRs 60465, 61773, 61371, 61146). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add more e2e subpath tests
**What this PR does / why we need it**:
Adds e2e tests for detecting subpath cleanup failures:
* Add wait for pod deletion to the end of subpath tests
* Add subpath as file test case
* Add subpath as file with container restart test case
* Refactor atomic volume tests
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61178
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61402, 61143, 61427, 60592). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
delete some unused code
**What this PR does / why we need it**:
delete some unused code
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61644, 61624, 61743, 61019, 61287). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Added e2e test for local-volume provisioner that does not create PV for discovered non-bind-mounted filesystem.
**What this PR does / why we need it**:
For v2+ of the [local volume provisioner](https://github.com/kubernetes-incubator/external-storage/tree/master/local-volume) non-bind mounted filesystems in a discovery directory will no longer result in local PVs. This change was put in place to handle the non-atomic nature of other methods of adding directories (e.g. https://github.com/kubernetes-incubator/external-storage/issues/482).
This PR tests this change in behavior, and it validates that non-bind mounted directories within a discovery directory do NOT result in a local PV.
**Which issue(s) this PR fixes**:
Fixes https://github.com/kubernetes/kubernetes/issues/61020
**Special notes for your reviewer**:
This test can be executed using the following commands:
```
KUBE_FEATURE_GATES="BlockVolume=true" NUM_NODES=1 go run hack/e2e.go -- --up
go run hack/e2e.go -- --test --test_args='--ginkgo.focus=PersistentVolumes-local.*Local.*volume.*provisioner'
```
If you get the logs from a local volume provisioner pod, you will see the following log messages:
```
$ kubectl logs local-volume-provisioner-94ddb -n e2e-tests-persistent-local-volumes-test-6ls4z
<snip>
I0311 19:01:30.350504 1 controller.go:73] Controller started
E0311 19:01:30.350849 1 discovery.go:172] Path "/mnt/local-storage/notbindmount" is not an actual mountpoint
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60455, 61365, 61375, 61597, 61491). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Updated lv-provisioner image to v2.1.0 in e2e tests
**What this PR does / why we need it**:
This PR updates the [local volume provisioner](https://github.com/kubernetes-incubator/external-storage/tree/master/local-volume) to v2.1.0 in the e2e tests for k8s v1.10.
**Which issue(s) this PR fixes**:
Fixes#61596
**Special notes for your reviewer**:
The following commands can be used to perform these tests:
```
$ make WHAT=test/e2e/e2e.test
$ KUBE_FEATURE_GATES="BlockVolume=true" NUM_NODES=1 go run hack/e2e.go -- --up
$ go run hack/e2e.go -- --test --test_args='--ginkgo.focus=PersistentVolumes-local.*Local.*volume.*provisioner’
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
e2e:Enable CSI tests
**What this PR does / why we need it**:
Enable CSI e2e tests now that CSI objects in Kubernetes are Beta.
Inspect daemonset provisioner logs for validation.
The logs are examined for the log lines showing that the provisioner discovered the directories and did NOT create a local PV.
This commit also adds SkipUnlessProvider supports SSH, which is required for local PV e2e tests.
This commit adds a test to verify Volume access in a situation where
VMware vCenter's vpxd service is down. The test mainly verifies
Volume/file access before, during, and after restarting the vpxd
service on the vCenter host.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Replace package "golang.org/x/net/context" with "context"
**What this PR does / why we need it**:
Replace package "golang.org/x/net/context" with "context"
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#60560
**Special notes for your reviewer**:
As of Go 1.7 this package(golang.org/x/net/context) is available in the standard library under the name context. see (https://godoc.org/golang.org/x/net/context)
It is almost machinery replace.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61453, 61393, 61379, 61373, 61494). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use inner volume name instead of outer volume name for subpath directory
**What this PR does / why we need it**:
Fixes volume reconstruction for PVCs with subpath
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61372
**Special notes for your reviewer**:
**Release note**:
```release-note
ACTION REQUIRED: In-place node upgrades to this release from versions 1.7.14, 1.8.9, and 1.9.4 are not supported if using subpath volumes with PVCs. Such pods should be drained from the node first.
```
Automatic merge from submit-queue (batch tested with PRs 60980, 61273, 60811, 61021, 61367). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Added e2e test for local volume provisioner discovery of new mountpoints while running.
**What this PR does / why we need it**:
This PR adds an e2e test for the local volume provisioner leveraging of the MountPropogation feature (https://github.com/kubernetes/kubernetes/pull/46444) to discover newly created mountpoints. The MountPropogation feature is now in beta (https://github.com/kubernetes/kubernetes/blob/master/pkg/features/kube_features.go#L146).
**Which issue(s) this PR fixes**:
Fixes https://github.com/kubernetes/kubernetes/issues/58416
**Special notes for your reviewer**:
```
KUBE_FEATURE_GATES="BlockVolume=true" NUM_NODES=1 go run hack/e2e.go -- --up
go run hack/e2e.go -- --test --test_args='--ginkgo.focus=PersistentVolumes-local.*Local.*volume.*provisioner'
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60793, 61181, 61267, 61252, 61334). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Refactor disruptive tests to use more volume types
Refactor storage disruptive tests to use different volume types. Also mark existing tests to be NFS specific. Fixes https://github.com/kubernetes/kubernetes/issues/61150
cc @jeffvance @jingxu97
/sig storage
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 59740, 59728, 60080, 60086, 58714). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
vSphere: Minimize property collection via Finder
The 'All' parameter of the 'NewFinder' function controls property collection while searching the inventory.
When 'All' is set to 'false', Finder collects the minimal set of object properties required to search inventory.
When 'All' is set to 'true', Finder collects *all* object properties, which are *not* required to search inventory.
Setting 'All' to 'true' is only useful when inspecting all properties of an object,
such as by certain govc commands when the '-json' or '-dump' flags are specified.
Changing All=false in VCP minimizes the SOAP payload size and marshalling required on both sides, without impacting any functionality.
**What this PR does / why we need it**:
Changing All=false in VCP minimizes the SOAP payload size and marshalling required on both sides, without impacting any functionality.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix test images
These commits fix volume_io tests for iSCSI and Ceph RBD. Both server images were quite old (Fedora 22), so I updated them to ~~something more stable (CentOS 7) and to newer Ceph (Jewel, 10.2.7).~~ something newer (Fedora 26).
The most important fix is that the test volumes have 120 MB so volume_io test can actually run - the tests put 100MB file to the volume to check its persistence.
When mount containers in #53440 are merged I'll try to run the tests regularly with every PR (or merge) so we catch regressions quickly.
```release-note
NONE
```
/sig testing
/sig storage
/assign @jeffvance
Fixes: #56725
Automatic merge from submit-queue (batch tested with PRs 61111, 61069). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix subpath e2e tests on multizone cluster.
Use dynamically provisioned PV to run GCE PD tests. This will make sure that the pod is scheduled to the right zone and GCE PD can be attached to a node.
**Which issue(s) this PR fixes**:
Fixes#61101
**Release note**:
```release-note
NONE
```
/sig storage
@msau42 @verult
Use dynamically provisioned PV to run GCE PD tests. This will make sure
that the pod is scheduled to the right zone and GCE PD can be attached
to a node.
k8s-ci-robot