Automatic merge from submit-queue
start creating controller SA roles. start with just one
This creates a clusterrole for the replicationcontroller controller. It also streamlines the rule creation code and I'll use this role as practice for wiring up RBAC rules.
@kubernetes/sig-auth
@ericchiang Jordan is ooto, mind taking a look?
Automatic merge from submit-queue
remove the clientset adapter
This removes the clientset adapter entirely. There is one focused adapter that remains in a single e2e test. Every other reference was removed.
Automatic merge from submit-queue
Make @k82cn assignee for contrib/mesos/OWNERS and remove everyone else
@k82cn is going to be the maintainer for contrib/mesos going forward.
cc/ @eparis
Automatic merge from submit-queue
move the REST storage creation to its proper packages
Moves the `RESTStorageProvider` interfaces to their proper packages.
Automatic merge from submit-queue
Rename controller*.go to pvcontroller*.go
To make log filtering easier. controller.go is used by several controllers and matching logs for "pvcontroller.*" is much better.
@kubernetes/sig-storage
Automatic merge from submit-queue
kubeadm
**What this PR does / why we need it**:
This PR add alpha version of `kubeadm` tool, which allows user to boostrap a cluster rather quite easily. This is the initial contribution from @kubernetes/sig-cluster-lifecycle members, who's aim is to build easy-to-use tools that help to operate a cluster throughout its lifetime.
**Which issue this PR fixes**: a leap towards kubernetes/features#11
**Special notes for your reviewer**: previously seen by many folks in #31221
**Release note**:
```release-note
`kubeadm` (alpha) provides an easy way to securely bootstrap Kubernetes on Linux, see http://kubernetes.io/docs/kubeadm/
```
Automatic merge from submit-queue
Added e2e framweork and a simple test for HA master.
Added e2e framweork for testing HA master. Added one simple e2e test for HA master that first grows and then shrinks GCE cluster.
Automatic merge from submit-queue
Print a more helpful error message when failing to start rolling-updates
Hopefully this will help us track down where the 1.3 -> 1.4 upgrades are breaking down. We'll need to cherry-pick this into release-1.4 to have any effect, though.
Automatic merge from submit-queue
Put loopback authn/authz first in chain
We want the loopback token auth to go first in the chain, for performance reasons, and so the loopback token isn't seen by any remote token authenticators configured.
The loopback authorizer should also go first in the chain for performance.
Automatic merge from submit-queue
Do not report error when deleting an attached volume
Persistent volume controller should not send warning events to a PV and mark the PV as failed when the volume is still attached.
This happens when a user quickly deletes a pod and associated PVC - PV is slowly detaching, while the PVC is already deleted and the PV enters Failed phase.
`Deleter.Deleter` can now return `tryAgainError`, which is sent as INFO to the PV to let the user know we did not forget to delete the PV, however the PV stays in Released state. The controller tries again in the next sync (15 seconds by default).
Fixes#31511
Automatic merge from submit-queue
Split dns healthcheck into two different urls
Attempt to fix#30633.
<s>This new kube-dns pod template creates two exechealthz processes listen on two different ports for kubedns and dnsmasq correspondingly.
@thockin @girishkalele
Automatic merge from submit-queue
Node E2E: Cleanup e2e services
fixes#31765.
This PR is composed of 2 commits:
* The 1st commit split services.go into: `services.go`, `server.go` and `internal_services.go`:
* `services.go` contains the public object `E2EServices` which is used by the test framework directly.
* `internal_services.go` contains the internal object `e2eServices` which manages internal (statically-linked) services - apiserver, etcd and namespace_controller.
* `server.go` is the object managing exec process, both internal_services and kubelet are running as separate processes and managed with server.go.
* The 2nd commit added `monitorParent` option in start function of `E2EServices`. This is added to fix#31765:
* If `--stop-services=true`, `monitorParent` will be true, so that service processes will die with the parent process so as to enforce proper clean up.
* If `--stop-services=false`, `monitorParent` will be false, so that service processes will not die with the parent process and keep running for debugging.
This PR also moved the kubelet start logic into `E2EServices` (start kubelet in the test process), so that we can use flags directly when starting kubelet. Before we had to pass them to the services process and let it start kubelet, which was quite troublesome.
@vishh
/cc @kubernetes/sig-node
Currently the boostrap fails when a token is provided by the user
on `master init` and works when the token is generated. This is
because of a mismatch of how the token string in the kube-discovery
secret is encoded.
Kubernetes Submit Queue