Automatic merge from submit-queue (batch tested with PRs 49990, 49997, 44278, 49936, 49891)
Move ResourceQuota plugin at the end of the admission plugin chain.
@liggitt @derekwaynecarr
Automatic merge from submit-queue (batch tested with PRs 49992, 48861, 49267, 49356, 49886)
Set default vmodule flag in integration tests
Re-introduce a default glog vmodule flag to the integration test setup.
The default was removed in d08dfb9 because it was hard-coded and
prevented local override. This commit makes the default overridable.
```release-note
NONE
```
/cc @caesarxuchao
Automatic merge from submit-queue (batch tested with PRs 49992, 48861, 49267, 49356, 49886)
Reintegrate aggregation support for OpenAPI
Reintegrating changes of #46734
Changes summary:
- Extracted all OpenAPI specs to new repo `kube-openapi`
- Make OpenAPI spec aggregator to copy and rename any non-requal model (even with documentation change only).
- Load specs when adding APIServices and retry on failure until successful spec retrieval or a 404.
- Assumes all Specs except aggregator's Spec are static
- A re-register of any APIService will result in updating the spec for that service (Suggestion for TPR: they should be registered to aggregator API Server, Open for discussion if any more changes needed for another PR.)
fixes#48548
Automatic merge from submit-queue (batch tested with PRs 46519, 49794, 49720, 49692, 49821)
[make verify] Display list of failed tests to the user at the end
**What this PR does / why we need it**:
Minor improvement to verify all script as it now displays list of failed tests at the end, makes it easier for fixing errors
```
$KUBE_VERIFY_GIT_BRANCH=someBranch hack/make-rules/verify.sh -v -Q
.
.
.
========================
FAILED TESTS
========================
hack/make-rules/../../hack/verify-boilerplate.sh
hack/make-rules/../../hack/verify-godep-licenses.sh
hack/make-rules/../../hack/verify-readonly-packages.sh
```
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49845
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
Automatic merge from submit-queue
fix hack/local-up-cluster.sh apiserver not listening bug
**What this PR does / why we need it**:
This PR fix a potential bug int hack/local-up-cluster.sh and it helps developers to build local cluster properly
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
fix#49728
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Re-introduce a default glog vmodule flag to the integration test setup.
The default was removed in d08dfb9 because it was hard-coded and
prevented local override. This commit makes the default overridable.
Automatic merge from submit-queue
Enable node authorizer in local-up-cluster
Fixes#49822
Enables the Node authorization mode to ensure the kubelet credential we create has permission to do kubelet-related things. Matches the default authorizers in gce/gke and CI clusters.
Related to the deprecation of the automatic binding of the `system:nodes` group to the `system:node` role on new deployments (https://github.com/kubernetes/kubernetes/pull/49638)
```release-note
`hack/local-up-cluster.sh` now enables the Node authorizer by default. Authorization modes can be overridden with the `AUTHORIZATION_MODE` environment variable, and the `ENABLE_RBAC` environment variable is no longer used.
```
Automatic merge from submit-queue (batch tested with PRs 49538, 49708, 47665, 49750, 49528)
Enable garbage collection of custom resources
Enhance the garbage collector to periodically refresh the resources it monitors (via discovery) to enable custom resource definition GC (addressing #44507 and reverting #47432).
This is a replacement for #46000.
/cc @lavalamp @deads2k @sttts @caesarxuchao
/ref https://github.com/kubernetes/kubernetes/pull/48065
```release-note
The garbage collector now supports custom APIs added via CustomeResourceDefinition or aggregated apiservers. Note that the garbage collector controller refreshes periodically, so there is a latency between when the API is added and when the garbage collector starts to manage it.
```
Automatic merge from submit-queue (batch tested with PRs 49538, 49708, 47665, 49750, 49528)
Add a support for GKE regional clusters in e2e tests.
**What this PR does / why we need it**:
Add a support for GKE regional clusters in e2e tests.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49581, 49652, 49681, 49688, 44655)
Add sig-testing OWNERS_ALIASES
/sig testing
**What this PR does / why we need it**:
follow the sig-foo-{reviewers,approvers} convention
- rename test-infra-maintainers to sig-testing-approvers
- copy sig-testing-approvers to sig-testing-reviewers
- remove inviduals in test/OWNERS in favor of new aliases
as a result
- rmmh gets test/ approver privileges
- spiffxp gets hack/jenkins/ approver privileges
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49580
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Enhance the garbage collector to periodically refresh the resources it
monitors (via discovery) to enable custom resource definition GC.
This implementation caches Unstructured structs for any kinds not
covered by a shared informer. The existing meta-only codec only supports
compiled types; an improved codec which supports arbitrary types could
be introduced to optimize caching to store only metadata for all
non-informer types.
Automatic merge from submit-queue (batch tested with PRs 49619, 49598, 47267, 49597, 49638)
Flag support in kubectl plugins
Adds support to flags in `kubectl` plugins. Flags are declared in the plugin descriptor and are passed to plugins through env vars, similar to global flags (which already works).
Fixes https://github.com/kubernetes/kubernetes/issues/49122
**Release note**:
```release-note
Added flag support to kubectl plugins
```
PTAL @monopole @kubernetes/sig-cli-pr-reviews
Automatic merge from submit-queue (batch tested with PRs 47738, 49196, 48907, 48533, 48822)
ParseEncryptionConfiguration: simplify code
**What this PR does / why we need it**:
Reorder `if`-s to make code a bit more readable. It also improves godoc comment and error message.
**Release note**:
```release-note
NONE
```
PTAL @sakshamsharma
Automatic merge from submit-queue (batch tested with PRs 46913, 48910, 48858, 47160)
federation: Stop using and remove federation internalclientset
**What this PR does / why we need it**:
This probably a left over job. We should not be using the internal clientset and instead be using versioned ones as described in #29934
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
```release-note
NONE
```
/assign @nikhiljindal
/cc @kubernetes/sig-federation-misc
Automatic merge from submit-queue (batch tested with PRs 46913, 48910, 48858, 47160)
move sig-node related e2e tests to node subdir
I need help making sure I picked the right ones and/or didn't miss anything.
Potential additions include: `logging_soak.go`, `ssh.go`, `kubelet_perf.go`.
/cc @dchen1107 @vishh @tallclair @yujuhong @Random-Liu @abgworrall @dashpole @yguo0905
Automatic merge from submit-queue (batch tested with PRs 43443, 46193, 49071, 47252)
Run the update-staging-godeps script inside a docker container
**What this PR does / why we need it**:
This PR moves the update-staging-godeps script to run inside a docker container.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#45757
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/assign @ixdy @sttts
Automatic merge from submit-queue (batch tested with PRs 43443, 46193, 49071, 47252)
[Federation][Kubefed] Support reference document autogeneration for kubefed
This PR is needed to address the documentation issue https://github.com/kubernetes/kubernetes.github.io/issues/2888
Apart from the code auto generation have updated some descriptions for consistency.
**Special notes for your reviewer**:
@kubernetes/sig-federation-misc
cc @madhusudancs @csbell
**Release note**:
```NONE
```
Automatic merge from submit-queue (batch tested with PRs 48976, 49474, 40050, 49426, 49430)
Set external hostname in local-up-cluster
**What this PR does / why we need it**:
If we set --external-hostname, then the api server does not look
in the CloudProviderOptions.DefaultExternalHost method. While we
are at it, let's log an info message, so if there is a failure
the operator gets a hint that they can use --external-hostname
to bypass the lookup in the cloud provider. This will enable us
to set the CLOUD_PROVIDER to openstack for example and not have to
really run api server inside a openstack vm.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48976, 49474, 40050, 49426, 49430)
Use presence of kubeconfig file to toggle standalone mode
Fixes#40049
```release-note
The deprecated --api-servers flag has been removed. Use --kubeconfig to provide API server connection information instead. The --require-kubeconfig flag is now deprecated. The default kubeconfig path is also deprecated. Both --require-kubeconfig and the default kubeconfig path will be removed in Kubernetes v1.10.0.
```
/cc @kubernetes/sig-cluster-lifecycle-misc @kubernetes/sig-node-misc
Automatic merge from submit-queue (batch tested with PRs 48224, 45431, 45946, 48775, 49396)
[client-go] Fake Dynamic Client
This commit converts `"k8s.io/client-go/dynamic".Client` to an interface, and implements fake versions of both `ClientPool` and `Client`. This allows components which make uses of these clients to be tested in the same way that clientset-based components can be tested, using the standard `testing.Fake` machinery.
**Release note**:
```release-note
NONE
```
follow the sig-foo-{reviewers,approvers} convention
- rename test-infra-maintainers to sig-testing-approvers
- copy sig-testing-approvers to sig-testing-reviewers
- remove inviduals in test/OWNERS in favor of new aliases
as a result
- rmmh gets test/ approver privileges
- spiffxp gets hack/jenkins/ approver privileges
Automatic merge from submit-queue (batch tested with PRs 49286, 49550)
Remove myself from a bunch of places
I am assigned in reviews which I never get to do. I prefer drive-bys whenever I can do them rather than the bot choosing myself in random, ends up being mere spam.
@smarterclayton please approve.
Automatic merge from submit-queue
Remove flags low-diskspace-threshold-mb and outofdisk-transition-frequency
issue: #48843
This removes two flags replaced by the eviction manager. These have been depreciated for two releases, which I believe correctly follows the kubernetes depreciation guidelines.
```release-note
Remove depreciated flags: --low-diskspace-threshold-mb and --outofdisk-transition-frequency, which are replaced by --eviction-hard
```
cc @mtaufen since I am changing kubelet flags
cc @vishh @derekwaynecarr
/sig node
Automatic merge from submit-queue
Added sig-storage labels to upgrade tests and moved them to appropriate directory
**What this PR does / why we need it**: Adding necessary sig identifier for storage upgrade tests.
/release-note-none
Automatic merge from submit-queue (batch tested with PRs 49444, 47864, 48584, 49395, 49118)
fixed conflict resolution behavior while apply podpresets
**What this PR does / why we need it**:
This fixes the PodPreset application behavior in case of conflicts occur during the merging of Pod's information with PodPreset's. More details are in issue #47861
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
fixes#47861
**Special notes for your reviewer**:
We are splitting the PodPreset application logic in two phases. In first phase, we try to detect the conflicts in information merging without modifying the Pod at all. If conflict occurs, then we reject the PodPresets injection. Incase of no conflicts, we apply the PodPresets and merge the information.
**Release note**:
```release-note
PodPreset is not injected if conflict occurs while applying PodPresets to a Pod.
```
This introduces fake implementations of dynamic.Client and
dynamic.ClientPool. They function similarly to the fake generated
clientsets, since they're also based in testing.Fake.
Replaces use of --api-servers with --kubeconfig in Kubelet args across
the turnup scripts. In many cases this involves generating a kubeconfig
file for the Kubelet and placing it in the correct location on the node.
If we set --external-hostname, then the api server does not look
in the CloudProviderOptions.DefaultExternalHost method. While we
are at it, let's log an info message, so if there is a failure
the operator gets a hint that they can use --external-hostname
to bypass the lookup in the cloud provider. This will enable us
to set the CLOUD_PROVIDER to openstack for example and not have to
really run api server inside a openstack vm.
Automatic merge from submit-queue
Fix staging godeps for k8s.io/metrics and k8s.io/kube-gen
**What this PR does / why we need it**:
#49095 introduced an issue with the formatting of the k8s.io/metrics staging godeps. This fixes that issue, and alters the script to prevent it from happening again.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Christoph Blecker