Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Make OpenStack LBaaS v2 Provider configurable
Add option 'lb-provider' to the Loadbalancer section of the OpenStack
cloudprovider configuration to allow using a different LBaaS v2
provider than the default.
**What this PR does / why we need it**:
This PR allows to use a different OpenStack LBaaS v2 provider than the default of the OpenStack cloud.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
Added option lb-provider to OpenStack cloud provider config
```
Automatic merge from submit-queue (batch tested with PRs 54400, 54403). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Allow for configuring etcd hostname in the manifest
```release-note
Allow for configuring etcd hostname in the manifest
```
Add option 'lb-provider' to the Loadbalancer section of the OpenStack
cloudprovider configuration to allow using a different LBaaS v2
provider than the default.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update the Google API clients used by the GCE provider to identify Kubernetes as the origin of GCP API calls.
**What this PR does / why we need it**:
This modifies the Google API clients used for the GCE provider to identify GCP API calls as originating from Kubernetes.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#39391
**Special notes for your reviewer**:
**Release note**:
```release-note
`NONE`
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add m1093782566 to pkg/proxy/OWNERS reviewers
**What this PR does / why we need it**:
Add @m1093782566 to pkg/proxy/OWNERS reviewers. I would love to help review kube-proxy, especially ipvs mode codes.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Let the caller log error message
Talk to @anguslees offline and in resize pr, we should let the caller log the error message and in those functions, just return err.
Also error string should not be capitalized or end with punctuation
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/assign @anguslees
In RunClusterInfo, We try to connect to the api service and get some
information, but we just ignore the errors from Do().Visit(). We should
return the error returned by Do().Visit() so the "kubectl cluster-info"
would fail correctly with an error code.
- add usage instructions
- add Use Cases, Defining Types and Clean Up section. Copied
from apiextensions-apiserver/examples/client-go. This is done
to be consistent with all other examples.
- fix formatting
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
bump debian-hyperkube-base to 0.5 since CNI gets bumped
**What this PR does / why we need it**:
xref [discussion](https://github.com/kubernetes/kubernetes/pull/51250#discussion_r145796595) in #51250
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
/assign @ixdy @luxas
**Release note**:
```release-note
None
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
clean up pkg/apis/meta/v1/time.go
This file has been moved to staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/time.go
**Release note**:
```
NONE
```
/assign @sttts
Automatic merge from submit-queue (batch tested with PRs 52792, 48963). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix range for min value in imagepolicy admission
**What this PR does / why we need it**:
This makes the range for imagepolicy admission work properly. Currently if we specify `1s` for the value of `AllowTTL` or `DenyTTL` in the configuration yaml, we get a message like the following:
```
Error: failed to initialize plugins: Couldn't init admission plugin "ImagePolicyWebhook": valid value is between 1s and 30m0s, got 1s
```
This is due to a wrong comparison which is fixed in this PR. The rest of the PR just adds tests for this behaviour.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Warn user if Pod/Service networks will be accessed via proxy.
**What this PR does / why we need it**:
In environments where HTTP proxies are used, it is important
to whitelist Pod and Services network ranges in the NO_PROXY
variable, so cluster will be properly operational.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
- kubeadm will warn users if access to IP ranges for Pods or Services will be done via HTTP proxy.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fed: Move cluster generator & constants from kubectl to kubefed pkg
This will ensure the history of the federation-only files can be cheaply retained during the branch filtering that will occur for #52992.
cc: @kubernetes/sig-multicluster-pr-reviews
/sig multicluster
/area federation
/assign irfanurrehman shashidharatd
/release-note-none
Automatic merge from submit-queue (batch tested with PRs 52471, 53708). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
clean up winkernel proxy
**What this PR does / why we need it**:
clean up winkernel proxy
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Need to validate taint effect when removing taints.
Instead of reporting taint not found, it's better to report user
that the effect is invalid. This will help user to check errors.
So when user tries to remove a taint, two conditions will be checked:
1. Whether or not the effect is an empty string.
2. Whether or not the non-empty effect is a valid taint effect.
**Release note**:
```release-note
None
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix 404 link in changelog-1.6
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubectl resource builder to use versioned list
Switch to using a versioned listed when return an object from the resource builder.
This is necessary to allow cli's built outside the kubernetes/kubernetes repo to vendor the resource builder logic without vendoring all of Kubernetes.
The following commands call the modified function. (identified by changing the function name and recompiling)
- [x] `attach`
- pkg/kubectl/cmd/attach.go:155: builder.Do().Object
- passes to `AttachablePodForObject` which does not support Lists of any kind
- [x] `get`
- pkg/kubectl/cmd/get.go:251: r.Object
- [x] check if isList with `IsListType` -> `GetItemsPtr` -> check for presence of `Items` field
- [x] pass to `ResourceVersion` -> `CommonAccessor` -> checks for `metav1.ListInterface` (which this PR introduces a compile time check to ensure v1.List implements this)
- [x] pass to `ExtractList` -> checks if items implement `runtime.RawExtension`
- [x] `rolling_update`
- pkg/kubectl/cmd/rollingupdate.go:207: request.Object
- only accepts lists of length 1. updated in PR to support both api.List and v1.List
- [x] `rollout_status`
- pkg/kubectl/cmd/rollout/rollout_status.go:107: r.Object
- passes to `ResourceVersion` -> `CommonAccessor` -> checks for `metav1.ListInterface`
```release-note
NONE
```
Closeskubernetes/kubectl#81
Automatic merge from submit-queue (batch tested with PRs 52747, 54329). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix scheduler permissions to be able to patch pods/status
Add "patch" to the list of default operations that kube-scheduler can perform on pods. In 1.8, kube-scheduler was setting annotations via pod/status update, but later it was changed to patch pods. This PR changes default RBAC permissions of kube-scheduler so that it can set annotations of pods.
```release-note
NONE
```
/sig scheduling
Automatic merge from submit-queue (batch tested with PRs 52747, 54329). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Device Plugin Endpoints correctly closes client connexion
**What this PR does / why we need it**:
Endpoints in the device plugin may unexpectedly end. Currently the connexion will not be properly closed.
This commit aims to fix this
Related issues #51993
**Special notes for your reviewer**: @jiayingz @mindprince @vishh
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54199, 54181, 54196). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Pass zone name instead of zone url to GCE API to update NIC setting for alias range
**What this PR does / why we need it**:
Zone passed to gce.serviceAlpha.Instances.UpdateNetworkInterface(...) as a URL as it results the following error:
Could not add alias 10.64.3.0/24 for node "kubernetes-minion-group-mhhd": googleapi: Error 400: Invalid value 'http://www.googleapis.com/compute/alpha/projects/bigclustertestdev0-devconsole/zones/dev-central1-std'. Values must match the following regular expression: '[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?', invalidParameter
The fix is to extract (last component of URL) the zone name from the corresponding resource URL.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
No issue filed yet.
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54199, 54181, 54196). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update openapi to use kube-openapi code
**What this PR does / why we need it**: OpenAPI code has moved to `github.com/kubernetes/kube-openapi`. Let's use that code as a dependency, since now it's duplicated.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#51823
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
No user visible changes. Just code moving around.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix typos: replace SECONDARY-RANGE-NAME with SECONDARY_RANGE_NAME.
**What this PR does / why we need it**:
Without the fix, secondary_range_name in /etc/gce.conf in node will always be empty.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
addons/dns: changing probes for ANY IP record type
Signed-off-by: André Martins <aanm90@gmail.com>
**What this PR does / why we need it**:
Changes the kube-dns probes to ANY IP record to solve kube-dns probes failures when kubernetes master is running with an IPv6 only address.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#51371
/sig network
/area ipv6
Automatic merge from submit-queue (batch tested with PRs 52147, 54309). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update bootstrap policy with replicaset/daemonset permissions in the apps API group
Resolves#54310
Bootstrap policy was not updated when replicasets and daemonsets got promoted to the apps group
```release-note
Resolves forbidden error when accessing replicasets and daemonsets via the apps API group
```
Automatic merge from submit-queue (batch tested with PRs 52147, 54309). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Deviceplugin refactoring: cleanup some unnecessary functions
**What this PR does / why we need it**:
cleanup some of unnecessary functions of deviceplugin to improve code readability
**Which issue this PR fixes**
fixes#51993
Part1
**Special notes for your reviewer**:
Currently, it seems that func `IsResourceNameValid` is not used outside and could be changed to internal.
But as Renaud commented, it is designed for potential usage from users outside.
And I could not find a better position to place the func, except for file `utils.go`. So, shall we just retain the `utils.go` file, and maybe for possible expansion in the future?
/cc @jiayingz @RenaudWasTaken @vishh
**Release note**:
```release-note
NONE
```
divyenpatel