Automatic merge from submit-queue
Support trust id as a scope in the OpenStack authentication logic
This patch allows the use of Kubernetes with Keystone trust delegation to avoid passing the user credentials in clear inside the config file : a specific user with delegated rights can be created and used instead.
Automatic merge from submit-queue
kubeadm: fix preflight checks
This PR fixes a couple issues cause by some bad rebases:
* When a pre-flight check returned errors, `kubeadm` would exit with error code `1` instead of `2` as the original pre-flight PR meant. This would also cause the output of `kubeadm` to include some stuff that was not supposed to be there.
* Duplicated `k8s.io/kubernetes/cmd/kubeadm/app/util` import.
I also took the freedom to do some output clean-up based on the input from the original pre-flight PR.
/cc @dmmcquay @dgoodwin @luxas
Automatic merge from submit-queue
NodeController waits for informer sync before doing anything
cc @lavalamp @davidopp
```release-note
NodeController waits for full sync of all it's informers before taking any action.
```
rename the variable
make parameter more flexible
handle docker config file path
use a single set of paths
delete debug print
gofmt
delete the empty line
comment is not correct
move the comment to the correct place
keep original signature
godoc
Automatic merge from submit-queue
Run rbac authorizer from cache
RBAC authorization can be run very effectively out of a cache. The cache is a normal reflector backed cache (shared informer).
I've split this into three parts:
1. slim down the authorizer interfaces
1. boilerplate for adding rbac shared informers and associated listers which conform to the new interfaces
1. wiring
@liggitt @ericchiang @kubernetes/sig-auth
Automatic merge from submit-queue
Move RunRC-like functions to test/utils
Ref. #34336
cc @timothysc - the "move" part of the small refactoring. @jayunit100
This patch adds a global timeout flag (viewable with `kubectl -h`) with
a default value of `0s` (meaning no timeout).
The timeout value is added to the default http client, so that zero
values and default behavior are enforced by the client.
**Example**
```
$ kubectl get pods # no timeout flag set - default to 0s (which means no
timeout)
NAME READY STATUS RESTARTS AGE
docker-registry-1-h7etw 1/1 Running 1 2h
router-1-uv0f9 1/1 Running 1 2h
$ kubectl get pods --timeout=0 # zero means no timeout no timeout flag set
NAME READY STATUS RESTARTS AGE
docker-registry-1-h7etw 1/1 Running 1 2h
router-1-uv0f9 1/1 Running 1 2h
$kubectl get pods --timeout=1ms
Unable to connect to the server: net/http: request canceled while
waiting for connection (Client.Timeout exceeded while awaiting headers)
```
Automatic merge from submit-queue
Improve edit experience
Improve edit experience a bit according [#26050(comment)](https://github.com/kubernetes/kubernetes/issues/26050#issuecomment-246089751)
> a) always go back to the editor
b) always retain what I hand-edited, even if that has to be in comments
@janetkuo
Add a way to set resource limits/requests on running pods
Ref: https://github.com/kubernetes/kubernetes/issues/21648
I squashed the commits to make rebasing easier
Change log:
- fixed a typo that caused the command to be run with kubectl set set instead of the correct kubectl set limit
- added a ResourcesWithPodTemplates to pkg/kubectl/cmd/util/factory.go
instead of hardcoding these resources move there description all in one place
- Fixing some of the flow control in kubectl set limit
- update the help info
- changed the name of ResourcesWithPodTemplates to ResourcesWithPodSpecs to more accuratly describe what it is doing
and changed the variable names to lower case to conform to go's variable naming convention
- changing the name of the command from 'set limit' to 'set resources'
- Adding the new file pkg/kubectl/cmd/set/set_resources.go
- changes to the test cases to reflect the change from 'kubectl set limit' to 'kubectl set resources'
- comment removed
- adding the man page to the git repository attempting to fix Jenkins tests
- adding the user guide
- fixed a few typos
- typo in hack/cmd-test.sh
- implamenting suggestions for command help text
- adding the dry-run flag
- removing the "remove" option in favor of zeroing out request/limits in order to remove them
- changed limits/requests to requests/limit
- changing ResourcesWithPodSpec
- updated generated docs and removed whitespace
- change priint on success message from "resource limits/requests updated" to "resource requirements updated"
- minor rebasing issues - 'hack/test-cmd.sh' now passes
- cmdutil.PrintSuccess added another argument
- fixing mungedocs failure
- removed whitespace from hack/make-rules/test-cmd.sh and an erroneous entry from pkg/cloudprovider/providers/openstack/MAINTAINERS.md
- fixed typo in Short: field of the cobra command
- rebased
- Creating a new factory in the ResourcesWithPodSpecs() so that the testing will pass
- changing ResourcesWithPodSpecs, it doesn't need to be a method of factory
Automatic merge from submit-queue
e2e: don't require minimum availability once scaling takes place
This test shouldn't care about availability at all in the first place.
@mfojtik @kubernetes/deployment ptal
Fixes https://github.com/kubernetes/kubernetes/issues/34717
Automatic merge from submit-queue
Log more information on pod status updates
Also bump the logging level to V2 so that we can see them in a non-test
cluster.
Automatic merge from submit-queue
azure: lower log priority for skipped nic update message
**What this PR does / why we need it**: Very minor, just wanted to remove some log noise I introduced in #34526.
I chose `V(3)` since it aligns with the other nicupdate message printed out here, and will be hidden for the usual default of `--v=2`.
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
NONE
```
Automatic merge from submit-queue
Merge string flag into util flag
Continuing my work on https://github.com/kubernetes/kubernetes/issues/15634
This refactoring is expected to be completely finished and then I will add a verify scripts in `hack`
Automatic merge from submit-queue
split genericapiserver configuration apart so that you can run withou…
…t flag options
@dims Take a look at this re-slicing of the `genericapiserver.Config` creation. I think this helps composers overall and resolves the chicken/egg problem you were having.
Automatic merge from submit-queue
Update scheduler perf to spin up similar client to other tests
Seems to Fix#34504 . But I'm not sure what the mechanics of the underlying client objects is all supposed to be.
Automatic merge from submit-queue
Assign options.Err in "set image"
**What this PR does / why we need it**:
There is a usage of options.Err in a Printf, but this option is never set.
This patch passes the stderr into the command and assigns the option correctly.
**Which issue this PR fixes**
fixes#34433
**Special notes for your reviewer**:
None
**Release note**:
```release-note
```
Automatic merge from submit-queue
Remove scheduler flags that were marked as deprecated 2+ releases ago.
Starting to spin back into scheduler testing and performance evaluation, and I noticed some leftover cleanup work from 2+ releases ago.
**Release note**: Removed unused bind-pods-qps, and bind-pods-burst flags from the scheduler.
Kubernetes Submit Queue