The azure cloudprovider will now use the Managed Service Identity
to retrieve access tokens for the Azure ARM APIs, rather than
requiring hard-coded, user-specified credentials.
Currently, client-go requires that an IPv6 address string for hostname has
square brackets surrounding, so that it can be used with address:port in
an API request.
This change, removes that requirement, and has getListener() add the
square brackets for IPv6 addresses for hosts. If IPv4 or hostname, the name
will not be modified.
Decided to change here, rather than everywhere client-go is used (thinking
that there may be places where we DON'T want the square brackets applied).
This issue was found in kubelet, which, at startup, creates a listener for
services and nodes. If an IPv6 address is used, the URI was malformed.
This behavior regressed in an earlier release. Clearing the self link
ensures that a new version is always written and reduces the size of the
stored object by a small amount. Add tests to verify that Create and
Update result in no SelfLink stored in etcd.
Automatic merge from submit-queue (batch tested with PRs 48555, 48849)
GCE: Fix panic when service loadbalancer has static IP address
Fixes#48848
```release-note
Fix service controller crash loop when Service with GCP LoadBalancer uses static IP (#48848, @nicksardo)
```
Automatic merge from submit-queue
Fix subPath existence check to not follow symlink
**What this PR does / why we need it**:
Volume mounting logic introduced in #43775 and #45623 checks
for subPath existence before attempting to create a directory,
should subPath not be present.
This breaks if subPath is a dangling symlink, os.Stat returns
"do not exist" status, yet `os.MkdirAll` can't create directory
as symlink is present at the given path.
This patch makes existence check to use os.Lstat which works for
normal files/directories as well as doesn't not attempt to follow
symlink, therefore it's "do not exist" status is more reliable when
making a decision whether to create directory or not.
subPath symlinks can be dangling in situations where kubelet is
running in a container itself with access to docker socket, such
as CoreOS's kubelet-wrapper script
**Release note**:
```release-note
Fix pods failing to start when subPath is a dangling symlink from kubelet point of view, which can happen if it is running inside a container
```
Automatic merge from submit-queue
add [sig-apps] identifier to relevant upgrade tests
**What this PR does / why we need it**: This PR adds [sig-apps] identifier to relevant upgrade tests.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: xref #48839
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue
add [sig-apps] prefix to workload e2e tests
**What this PR does / why we need it**: This PR adds [sig-apps] prefix to workload e2e tests in accord to requirements of adding a SIG dashboard to testgrid. Refer PR #48781 for guidelines.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
This is useful for humans to run to catch obvious problems before
pushing commits and waiting for CI to run verify checks.
Quick mode only runs a whitelist of verify scripts that are reasonably fast.
I set the initial bar arbitrarily at <10s each on my workstation.
The whole set runs in <30s for me, assuming I had already run `make` and
`hack/godep-restore.sh`. This is compared to the full `make verify`
which takes [I don't know how long because I gave up after 45min].
Automatic merge from submit-queue (batch tested with PRs 46738, 48827, 48831)
Add test for kubectl resource filter.
This should prevent regression of the bug fixed in #48786.
Automatic merge from submit-queue (batch tested with PRs 46738, 48827, 48831)
Moving disruption controller e2es to workload/
Based on #45301
Moving to track sig-apps in a single directory
cc @kubernetes/sig-contributor-experience-misc @kubernetes/sig-apps-misc @erictune @kow3ns @crimsonfaith91
Automatic merge from submit-queue
StatefulSet upgrade test - replicated database (mysql)
**What this PR does / why we need it**:
Adds a new upgrade test. The test creates a statefulset with a replicated mysql database. It populates the database and then continually polls the data while performing an upgrade.
Ultimately, this PR increases confidence of reliability during upgrades. It helps show that StatefulSets and Pod Disruption Budgets are doing what they're supposed to. Code to pay attention to this was added for #38336.
Also vendors in a golang mysql client driver, for use in the test.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48781, 48817, 48830, 48829, 48053)
kubeadm: Start to remove old envparams
**What this PR does / why we need it**:
Historically, the envparams feature was used as a way to easily debug `kubeadm` while developing it in the v1.3-v1.4 timeframe. Since then some parameters have been hanging around and not being moved into the API as they should have.
Note: This is a temporary step; moving things into the API. Still, the API is gonna change, this is not the end state. But this is better than keeping the envparams.
I'm gonna deal with `KubernetesDir` in the next PR.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Fixes: kubernetes/kubeadm#326
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
@timothysc @pipejakob
Automatic merge from submit-queue (batch tested with PRs 48781, 48817, 48830, 48829, 48053)
vSphere for cloud-controller-manager
**What this PR does / why we need it**:
This is to implement the `NodeAddressesByProviderID` and `InstanceTypeByProviderID` methods for cloud-controller-manager for vSphere cloud provider.
Currently vSphere cloud provider only supports VMs in the same folder.
Thus `NodeAddressesByProviderID` is similar to `NodeAddresses` with a simple ProviderID to NodeName translation.
`InstanceTypeByProviderID` returns nil as same as `InstanceType`.
**Which issue this PR fixes**
Part of Issue https://github.com/kubernetes/kubernetes/issues/47257
**Release note**:
```NONE
```
Automatic merge from submit-queue (batch tested with PRs 48781, 48817, 48830, 48829, 48053)
Fix yaml-quote typo
Caught this looking through CI logs.
/assign wojtek-t
Automatic merge from submit-queue (batch tested with PRs 48781, 48817, 48830, 48829, 48053)
Move kubectl e2e tests to their own directory and prefix the test nam…
```release-note
NONE
```
Automatic merge from submit-queue
Make storage e2e tests start with [sig-storage] instead of [k8s.io].
This makes understanding sig ownership from a test name very easy for
tools and humans.
- Use a SIGDescribe helper function that adds a [sig-storage] prefix instead of [k8s.io] for tests in storage/
- Move a test that should be in storage into storage.
- Make tests owned by multiple SIGs (configmap test) have [sig-storage] instead of [Volume] labels.
This means that all tests that sig-storage directly owns can be found with a simple regex.
/cc @kubernetes/sig-storage-pr-reviews
**What this PR does / why we need it**:
This will be used to make a testgrid dashboard for sig-storage.
**Release note**:
```release-note
NONE
```
Issue #48779
Automatic merge from submit-queue (batch tested with PRs 48594, 47042, 48801, 48641, 48243)
Add initial support for the Azure instance metadata service.
Part of fixing #46632
@colemickens @rootfs @jdumars @kris-nova
Automatic merge from submit-queue (batch tested with PRs 48594, 47042, 48801, 48641, 48243)
Prepare to introduce websockets for exec and portforward
Refactor the code in remotecommand to better represent the structure of
what is common between portforward and exec.
Ref #48633
Cole Mickens