Automatic merge from submit-queue
kubectl: add less verbose version
The kubectl version output is very complex and makes it hard for users
and vendors to give actionable information. For example during the
recent Kubernetes 1.4.3 TLS security scramble I had to write a one-liner
for users to get out the version number to give to figure out if they
are vulnerable:
```
$ kubectl version | grep -i Server | sed -n 's%.*GitVersion:"\([^"]*\).*%\1%p'
```
Instead this patch outputs simply output by default
```
./kubectl version
Client Version: v1.4.3
Server Version: v1.4.3
```
Adding the `--verbose` flag will output the old format.
Automatic merge from submit-queue
Cleanup pod in MatchContainerOutput
MatchContainerOutput always creates a pod and does not cleanup. We need
to fix this to be better at re-trying the scenarios.
When there is an error say in the first attempt of ExpectNoErrorWithRetries
(for example in "Pods should contain environment variables for services" test)
the retries logic calls MatchContainerOutput another time and the
podClient.create fails correctly since the pod was not cleaned up the
first time MatchContainerOutput was called.
Fixes#35089
Automatic merge from submit-queue
Change dnsutils image to use alpine
This reduces the size of the dnsutils image and should reduce the # of failed e2e test runs due to image pull timeout.
MatchContainerOutput always creates a pod and does not cleanup. We need
to fix this to be better at re-trying the scenarios.
When there is an error say in the first attempt of ExpectNoErrorWithRetries
(for example in "Pods should contain environment variables for services" test)
the retries logic calls MatchContainerOutput another time and the
podClient.create fails correctly since the pod was not cleaned up the
first time MatchContainerOutput was called.
Fixes#35089
Automatic merge from submit-queue
[kubelet] rename --cgroups-per-qos to --experimental-cgroups-per-qos
This reflects the true nature of "cgroups per qos" feature.
```release-note
* Rename `--cgroups-per-qos` to `--experimental-cgroups-per-qos` in Kubelet
```
Automatic merge from submit-queue
tests: update memory resource limits
```release-note
NONE
```
On ubuntu, the `RestartNever` test OOMs its cgroup limit fairly
frequently.
This bumps the number up to something suitably large since the test
isn't testing anything related to this anyways.
Fixes#36159
Fix based on https://github.com/kubernetes/kubernetes/issues/36159#issuecomment-258992255
cc @yujuhong @saad-ali
Automatic merge from submit-queue
Add test for: mount a secret with another secret having same name in different namespace
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**:
If two secrets exist with the same name but different namespace, a pod in one namespace should be able to mount the secret without issue.
**Which issue this PR fixes** _(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)_: fixes #
**Special notes for your reviewer**:
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
``` release-note
```
…nother secret with same name and different namespace
Automatic merge from submit-queue
Implement CanMount() for gfsMounter for linux
**What this PR does / why we need it**:
To implement CanMount() check for glusterfs. If mount binaries are not present on the underlying node, the mount will not proceed and return an error message stating so.
Related to issue : https://github.com/kubernetes/kubernetes/issues/36098
Related to similar change for NFS :
https://github.com/kubernetes/kubernetes/pull/36280
**Release note**:
`Check binaries for GlusterFS on the underlying node before doing mount`
Sample output from testing in GCE/GCI:
rkouj@rkouj0:~/go/src/k8s.io/kubernetes$ kubectl describe pods
Name: glusterfs
Namespace: default
Node: e2e-test-rkouj-minion-group-kjq3/10.240.0.3
Start Time: Fri, 11 Nov 2016 17:22:04 -0800
Labels: <none>
Status: Pending
IP:
Controllers: <none>
Containers:
glusterfs:
Container ID:
Image: gcr.io/google_containers/busybox
Image ID:
Port:
QoS Tier:
cpu: Burstable
memory: BestEffort
Requests:
cpu: 100m
State: Waiting
Reason: ContainerCreating
Ready: False
Restart Count: 0
Environment Variables:
Conditions:
Type Status
Initialized True
Ready False
PodScheduled True
Volumes:
glusterfs:
Type: Glusterfs (a Glusterfs mount on the host that shares a pod's lifetime)
EndpointsName: glusterfs-cluster
Path: kube_vol
ReadOnly: true
default-token-2zcao:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-2zcao
Events:
FirstSeen LastSeen Count From SubobjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
8s 8s 1 {default-scheduler } Normal Scheduled Successfully assigned glusterfs to e2e-test-rkouj-minion-group-kjq3
7s 4s 4 {kubelet e2e-test-rkouj-minion-group-kjq3} Warning FailedMount Unable to mount volume kubernetes.io/glusterfs/6bb04587-a876-11e6-a712-42010af00002-glusterfs (spec.Name: glusterfs) on pod glusterfs (UID: 6bb04587-a876-11e6-a712-42010af00002). Verify that your node machine has the required components before attempting to mount this volume type. Required binary /sbin/mount.glusterfs is missing
On ubuntu, the `RestartNever` test OOMs its cgroup limit fairly
frequently.
This bumps the number up to something suitably large since the test
isn't testing anything related to this anyways.
Fixes#36159
Automatic merge from submit-queue
Fix handling lists in kubectl convert
Fixes https://github.com/kubernetes/kubernetes/issues/36722
When handling multiple objects in `kubectl convert` (for example in `kubectl convert -f .` with multiple files in current directory) the objects must be managed as a list instead of individually, otherwise `-o yaml|json` will generate invalid format (just multiple json/yaml objects concatenated) which can't be fed to `kubectl create` like in `kubectl convert -f . | kubectl create -f -`.
```release-note
NONE
```
Automatic merge from submit-queue
Default host user namespace via experimental flag
@vishh @ncdc @pmorie @smarterclayton @thockin
Initial thought on the implementation https://github.com/kubernetes/kubernetes/pull/30684#issuecomment-241523425 wasn't quite right. Since we need to dereference a PVC in some cases the defaulting code didn't fit nicely in the docker manager code (would've coupled it with a kube client and would've been messy). I think passing this in via the runtime config turned out cleaner. PTAL
Automatic merge from submit-queue
Use generous limits in the resource usage tracking tests
These tests are mainly used to catch resource leaks in the soak cluster. Using
higher limits to reduce noise.
This should fix#32942 and #32214.
Automatic merge from submit-queue
let printer update unstructured list
Fixes https://github.com/kubernetes/kubernetes/issues/36749.
Didn't see any existing test in `test-cmd.sh` and I'm not sure how to make the watch stop in the test for reasonable testing.
@kubernetes/kubectl @kargakis
Automatic merge from submit-queue
Update Dashboard UI version to 1.4.2
**What this PR does / why we need it**:
Dashboard 1.4.2 contains a fix for an XSS security bug, so I think it would be prudent to update the Dashboard version 'shipped' with kubernetes to this version
**Special notes for your reviewer**:
**Release note**:
- Updated dashboard version in addons to 1.4.2```
Automatic merge from submit-queue
Update OpenAPI spec generator to enable all APIs
scheduledjob/cronjob is missing in the OpenAPI spec located in api/openapi-spec/swagger.json. Root cause is the API was not enabled when we generate this file in hack/update-openapi-spec.sh.
This change is only effect static swagger.json file in our source tree but the documentation @pwittrock working on and client-python I am working on depends on it. We can sure hack our way through having this in our components, but it look cleaner to have it in 1.5 specially because there is no runtime behavior change of any kind.
Fixes#36682
Automatic merge from submit-queue
[Federation][Bugfix] Make the dns provider configurable in kubefed init
Fixes: Issue #36690
The design doc PR relating the whole feature for kubefed is at #34484.
cc @kubernetes/sig-cluster-federation @madhusudancs @nikhiljindal
Automatic merge from submit-queue
fix bug when compare version
Fix a small bug when compare version in `patch` which is introduced by my PR #35647 today.
This blocks #36672.
cc: @janetkuo
Automatic merge from submit-queue
Fix watching from resourceVersion=0 in etcd3 watcher
Fixes https://github.com/kubernetes/kubernetes/issues/36545
* Makes etcd3 consistent with watch cache behavior (all synthetic events sent for the initial list of items result in ADDED events)
* Fixes errors if previous values of initial items had been compacted away
* Removes fan-out Get() for previous values of initial items
Should be fixed before making etcd3 the default (https://github.com/kubernetes/kubernetes/pull/36229)
Automatic merge from submit-queue
Bump GCI version to gci-dev-56-8977-0-0
@vishh @saad
``` release-note
Updating GCI base image to gci-dev-56-8977-0-0. Changelog as follows:
* runc: Eliminate redundant parsing of mountinfo
* Updated kubernetes to v1.4.5
```
Kubernetes Submit Queue