Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix TODO:change to a api-server watch
What this PR does / why we need it:
fix TODO (vladimirvivien) instead of polling api-server, change to a api-server watch
Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes#58031
Special notes for your reviewer:
Release note:
NONE
@vladimirvivien,@jsafrane,@saad-ali
I saw some TODO there and I am very interested in fixing it.
Please let me know if it is not inappropriate to do this.
Automatic merge from submit-queue (batch tested with PRs 58444, 59283, 59437, 59325, 59449). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix to register priority function ResourceLimitsPriority correctly.
**What this PR does / why we need it**:
This PR fixes registration of priority function ResourceLimitsPriority. Previously this function was being registered inside `init()`. Since this priority function ResourceLimitsPriority is behind feature gate `ResourceLimitsPriorityFunction` and if the feature is enabled, it was not visible in `init()` function. So now the registration of this priority function is moved inside `ApplyFeatureGates()` in scheduler where it can be correctly registered after the feature has been enabled.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
@kubernetes/sig-scheduling-pr-reviews @bsalamat @ravisantoshgudimetla
Automatic merge from submit-queue (batch tested with PRs 58444, 59283, 59437, 59325, 59449). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update PriorityClassName API doc
**What this PR does / why we need it**: It updates the comment (and hence API doc) for PriorityClassName of PodSpec.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/sig scheduling
Automatic merge from submit-queue (batch tested with PRs 59394, 58769, 59423, 59363, 59245). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Ensure euqiv hash calculation is per schedule
**What this PR does / why we need it**:
Currently, equiv hash is calculated per schedule, but also, per node. This is a potential cause of dragging integration test, see #58881
We should ensure this only happens once during scheduling of specific pod no matter how many nodes we have.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58989
**Special notes for your reviewer**:
**Release note**:
```release-note
Ensure euqiv hash calculation is per schedule
```
Automatic merge from submit-queue (batch tested with PRs 59394, 58769, 59423, 59363, 59245). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kube-scheduler: Use default predicates/prioritizers if they are unspecified in the policy config
**What this PR does / why we need it**:
The scheduler has built-in default sets of predicate/prioritizer that are applied on pod scheduling. It can also take a policy config file where predicate/prioritizer and extender settings can be specified. The current behavior is that if we want to configure an extender using the policy config, we have to also provide the default predicate/prioritizer settings. Otherwise, the empty predicate/prioritizer sets will be used.
This is inconvenient, and it's hard to keep the policy config up to date with the scheduler's defaults. This PR changes the scheduler to use the default predicate/prioritizer sets if they are unspecified in the policy config. But an empty list would bypass non-mandatory predicates/prioritizers.
This will change the behavior of a policy config that does not specify (but not empty list) predicate/prioritizer, but it's unlike someone is using such config in practice.
**Special notes for your reviewer**:
I think it makes sense to have this in 1.9 as well because
- It's safe, given the scope of this change and the fact that it's very unlikely that someone is using a policy config with empty predicates/prioritizers.
- Compared with the risk, asking users to provide the default predicate/prioritizer sets for is error-prone and may cause other issues.
**Release note**:
```release-note
kube-scheduler: Use default predicates/prioritizers if they are unspecified in the policy config
```
/sig scheduling
/assign @bsalamat
/cc @vishh
Automatic merge from submit-queue (batch tested with PRs 59394, 58769, 59423, 59363, 59245). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Only populate alias range for nic0 when invoking instance.UpdateNetworkInterface.
**What this PR does / why we need it**:
Without the fix, GCP will emit errors, e.g., googleapi: Error 400: Invalid value for field 'resource.accessConfigs': ''. Updating this field is not supported., invalid
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
N/A
**Special notes for your reviewer**:
**Release note**:
```release-note
"NONE"
```
Automatic merge from submit-queue (batch tested with PRs 59394, 58769, 59423, 59363, 59245). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
IPv6: Ensure calculated node CIDR size for pod subnets is valid
With IPv4, the node CIDR prefix is set to /24, which gives 256 pods per node
and 256 nodes, when assuming a /16 is used for the pod subnet.
For IPv6, the node CIDR prefix, is hard coded to /64. This does not work,
because the pod subnet prefix must be /66 or higher and must be a larger subnet
(lower value) than the node CIDR prefix.
In addition, the bit mask used to track the subnets (implying the number of
nodes), can only handle 32K entries, so the difference between pod subnet
prefix and node CIDR prefix cannot be more than 16 (bits).
To address this, the following algorithm is proposed to provide as many pods
per node as possible, and not exceed the number of nodes.
If the pod subnet prefix is from /66 to /104, we'll set the node CIDR prefix
to 16 more, so that the bit map is not exceeded. The rest of the bits will be
for pods per node.
If the subnet prefix is from /105 to /112, we'll split the available bits
between what is used for the nodes and what is used for the pods per node.
This will give a node CIDR prefix from /116 to /120.
If the subnet prefix is from /113 to /119, we'll do like IPv4 and ensure that
there are 256 pods per node, and the remaining bits will be for the nodes,
giving a node CIDR prefix of /120 always. This supports a limited number of
nodes, in some cases.
If the subnet prefix is /120 to /128, we don't have enough bits and will set
the node CIDR prefix to be the same as the pod subnet prefix. This will cause
a falure later, when it tests that the pod subnet prefix is larger than the
node CIDR prefi.
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58766
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 59441, 58264, 59287, 59396, 59439). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Better timeout in slower virtual machines
**What this PR does / why we need it**:
60 seconds seems to work better in slower boxes
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 59441, 58264, 59287, 59396, 59439). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Ensure docker daemon opts are in effect before docker login
**What this PR does / why we need it**:
Make sure the kubernetes-worker charm is using the configured `docker-opts` daemon options prior to running the `docker-logins` handler.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
https://github.com/juju-solutions/layer-docker/issues/112
**Special notes for your reviewer**:
**Release note**:
```release-note
Fixed charm issue where docker login would run prior to daemon options being set.
```
Automatic merge from submit-queue (batch tested with PRs 59441, 58264, 59287, 59396, 59439). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add context to all relevant cloud APIs
**What this PR does / why we need it**:
This adds context to all the relevant cloud provider interface signatures.
Callers of those APIs are currently satisfied using context.TODO().
There will be follow on PRs to push the context through the stack.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#815
**Special notes for your reviewer**:
For an idea of the full scope of this change please look at PR #58532.
**Release note**:
```release-note
Implementers of the cloud provider interface will note the addition of a context to this interface. Trivial code modification will be necessary for a cloud provider to continue to compile.
```
Automatic merge from submit-queue (batch tested with PRs 59441, 58264, 59287, 59396, 59439). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix some log param error
this patch fix some log parameter mistakes.
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
/release-note-none
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix TODO: moving Driver name check in API validation
**What this PR does / why we need it**:
fix TODO in csi_plugin.go ,moving Driver name check in API validation
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58163
**Special notes for your reviewer**:
**Release note**:
NONE
@vladimirvivien,@jsafrane,@saad-ali
I saw some TODO there and I am very interested in fixing it.
Please let me know if it is not inappropriate to do this.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add unit test for endpoint allocate
**What this PR does / why we need it**:
Adds a unit test for covering `allocate` function at endpoint.
**Release note**:
```release-note
None
```
/kind testing
/area hw-accelerators
/cc @jiayingz @vishh @derekwaynecarr @RenaudWasTaken @resouer @ConnorDoyle
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Abstract some duplicated code in the iptables proxier
Reorganizes the iptables proxier code so we only have the list of "-A FOO -j KUBE-BAR" rules in one place rather than duplicating the same list in multiple places. Split out from #56164 for ease of review/merging.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
[GCE] Instance comparable host path
**What this PR does / why we need it**:
When creating a new TargetPool, insert new instances with the comparable host path instead of the full path, e.g. /zone/%s/instances/%s instead of the full https://www.googleapis.com/compute/v1/projects/... url.
With this change, `createTargetPoolAndHealthCheck` and `updateTargetPool` insert gceInstance paths in a consistent manner.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Release note**:
```release-note
NONE
```
TestValidOpenAPISpec often takes over a minute. This bumps the timeout
from 60 seconds to 300 seconds. On my computer it takes ~73 seconds
consisently. The calls to Validate() take the majority of the time.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
validate ipset set and entry - ipvs proxier validate entry before adding it and validate set before creating it
**What this PR does / why we need it**:
validate ipset util.
**Which issue(s) this PR fixes**:
Fixes#57269
**Special notes for your reviewer**:
I splitted this PR into some small pieces for the sake of code review.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use GlobalMemoryStatusEx to get total physical memory on Windows node
**What this PR does / why we need it**:
This PR fixes issue #57110 due to failure in getting total physical memory on some Windows VM such as in VMWare Fusion or Virtualbox. This change uses GlobalMemoryStatusEx instead of GetPhysicallyInstalledSystemMemory to retrieve total physical memory on Windows node. The amount obtained this way is also closer in parity with reading MemTotal from /proc/meminfo on Linux node.
(thanks to @martinivanov and @marono for the help)
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#57110
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 58562, 56937). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add xfsprogs to hyperkube baseimage
**What this PR does / why we need it**:
adds `xfsprogs` to hyperkube image, so that XFS filesystem can be created on unformatted volumes.
```release-note
NONE
```
/sig node
/sig storage
This adds context to all the relevant cloud provider interface signatures.
Callers of those APIs are currently satisfied using context.TODO().
There will be follow on PRs to push the context through the stack.
For an idea of the full scope of this change please look at PR #58532.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Clarify that ListOptions.Timeout is not conditional on inactivity
**What this PR does / why we need it**:
Clarifies the meaning of the `Timeout` field of a `ListOptions`, because the name and existing description can reasonably be interpreted to mean something divergent from the actual behavior.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58558
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
With IPv4, the node CIDR prefix is set to /24, which gives 256 pods per node
and 256 nodes, when assuming a /16 is used for the pod subnet.
For IPv6, the node CIDR prefix, is hard coded to /64. This does not work,
because currently the pod subnet prefix must be /66 or higher and must be a
larger subnet (lower value) than the node CIDR prefix.
In addition, the bit mask used to track the subnets (implying the number of
nodes), can only handle 64K entries, so the difference between pod subnet
prefix and node CIDR prefix cannot be more than 16 (bits). The node CIDR
value needs to support this restriction.
To address this, the following algorithm is proposed...
For pod subnet prefixes of /113 or smaller, the remaining bits will be used
for the node CIDR, in multiples of 8, and 9-16 bits will be reserved for the
nodes, so that there are 512-64K nodes and 256, 512, 768, ... pods/node.
For example, with a pod network of /111, there will be 17 bits available. This
would give 8 bits for pods per node and 9 bits for nodes. The node CIDR would
be /120. For a pod network of /104, there will be 24 bits available. There will
be 8 bits for nodes, and 16 bits for pods/node, using a /112 node CIDR.
If the pod subnet prefix is /112, then the node CIDR will be set to /120, and
256 nodes and 256 pods/node will be available.
If the subnet prefix is /113 to /128, we don't have enough bits and will set
the node CIDR prefix to be the same as the pod subnet prefix. This will cause
a falure later, when it tests that the pod subnet prefix is larger than the
node CIDR prefix.
Automatic merge from submit-queue (batch tested with PRs 51323, 59306, 58991, 59050). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Proposal: Use `blkid` to detect fs type of device instead of `lsblk`.
**What this PR does / why we need it**:
Use `blkid` to detect fs type of device instead of `lsblk`.
`lsblk` depends on `udev`, and device driver's udev rules. If udev rules are not installed properly, `lsblk` could not get fs type of disk. This will cause problems, e.g. expanding volume will fail because it could not detect fs type of disk.
Take `rbd` as example, `lsblk -n -o FSTYPE /dev/rbd0` command actually read fs type from `/run/udev/data/b252:0` (may vary on different machines, see real file from `strace lsblk -n -o FSTYPE /dev/rbd0` ).
This file `/run/udev/data/b252:0` is generated by `udev` and device driver's udev files. If machine don't have `/lib/udev/rules.d/60-ceph-by-parttypeuuid.rules` udev rule file installed (this file is from `ceph-osd` package on ubuntu), it will not be properly generated, e.g:
```
# cat /run/udev/data/b251:0
S:rbd/<pool>/<image>
I:13234059587579
E:ID_FS_TYPE=
E:net.ifnames=0
G:systemd
```
`lsblk -n -o FSTYPE /dev/rbd0` will get empty fs type.
[60-ceph-by-parttypeuuid.rules](https://github.com/ceph/ceph/blob/v13.0.0/udev/60-ceph-by-parttypeuuid.rules) is udev rule, which underlyingly runs `blkid` commands to get infos of device, then store them in udev file.
If we use `blkid` to get fs type, kubelet volume manager will not depend on `udev` stuffs. Currently, if kubelet node does not have `60-ceph-by-parttypeuuid.rules` installed (from `ceph-osd` package), it will fail to get fs type of rbd image. Even administrator install `ceph-osd` later, it can not get fs type of previous mapped images (udev data files not be to updated automatically).
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
`udevadm test` logs:
- Ubuntu 16.04 (ceph-common installed), without ceph-osd: [without-ceph-osd.log](https://github.com/kubernetes/kubernetes/files/1678512/without-ceph-osd.log)
- Ubuntu 16.04 (ceph-common installed), with ceph-osd: [with-ceph-osd.log](https://github.com/kubernetes/kubernetes/files/1678509/with-ceph-osd.log)
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 51323, 59306, 58991, 59050). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix apply --force w/ invalid resource
Fixes https://github.com/kubernetes/kubernetes/issues/58984
- First commit: Fixes cases where `--force` is provided with `kubectl apply`, with an object that is BOTH invalid and will cause a conflict error
- Second commit: Fixes cases where `--force` is provided with `kubectl apply`, with an invalid object
Justification for the first commit here: https://bugzilla.redhat.com/show_bug.cgi?id=1539529#c3
**Release note**:
```release-note
NONE
```
cc @ironcladlou
Automatic merge from submit-queue (batch tested with PRs 51323, 59306, 58991, 59050). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
clean temporary para for require-kubeconfig
**What this PR does / why we need it**:
delete temporary require-kubeconfig
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubectl should return an error if "-l" and "--all" are both specified
**What this PR does / why we need it**:
Per discussion in [#50497](https://github.com/kubernetes/kubernetes/pull/50497#discussion_r134881507)
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
/assign @caesarxuchao @mengqiy
**Release note**:
```release-note
kubectl should return an error if "-l" and "--all" are both specified
```
Previous commit relied on non-obvious reactive behavior, with the
'docker.restart' flag being exploited to re-execute docker_logins_changed
in a single hook execution.
Split this into 2 handlers:
- when docker-logins config changes, set one flag to handle the login
and another to request a daemon restart (if needed).
- run docker login after any potential daemon restarts have occurred.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Ensure public IP removed after service deleted
**What this PR does / why we need it**:
When creating many LoadBalancer services, some services may exceed Azure basic LB's FrontendIPConfiguations quota (default is 10). Public IPs are created for all services, but it is not removed after deleting the kubernetes services.
This PR fixes the problem.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#59255
**Special notes for your reviewer**:
Should cherry-pick to v1.9.
**Release note**:
```release-note
Ensure Azure public IP removed after service deleted
```
Lee Verberne