Automatic merge from submit-queue (batch tested with PRs 43887, 41914, 44170)
Make NetworkPolicy docs reflect reality
spinoff of #39164; this just updates the docs to reflect the way the v1beta1 API has actually been implemented
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
proxy/iptables: precompute svcPortName strings
With many services, the calls to svcPortName.String() show up as a
somewhat significant CPU user under syncProxyRules().
For whatever reason github repeatedly fails to upload the pprof with Firefox, so here's an example:
http://people.redhat.com/dcbw/kube-proxy-svcPortName-String.pdf
Automatic merge from submit-queue
[Federation][kubefed] Annotate all Federation API objects with the federation name and (if applicable) the cluster name.
Address part of #42324.
```release-note
Adds annotations to all Federation objects created by kubefed.
```
Automatic merge from submit-queue (batch tested with PRs 44286, 44209)
[Federation][Kubefed] Bug fix to enable disabling federation controllers through override args
Targets https://github.com/kubernetes/kubernetes/issues/42761
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
https://github.com/kubernetes/kubernetes/issues/42761
**Special notes for your reviewer**:
@marun @perotinus @nikhiljindal
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 44286, 44209)
Refactor leader election package test code to remove redundant code
**What this PR does / why we need it**:
leader election object supports locking on 2 objects currently endpoints and configmap. The test code for both is almost identical. This pr attempts to remove redundancy in test code for easier maintenance and extension.
**Special notes for your reviewer**:
I am trying to add leader election feature to federation controller manager and this pr is one of sub-task of the overall work documented in #44283
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 43273, 44287, 44281)
Remove ObjectMetaFor
Builds on https://github.com/kubernetes/kubernetes/pull/43767
The second commit removes `ObjectMetaFor`. This was debt we left around after we created the interfaces. Fixing this makes it possible to start running `Unstructured` through generic storage.
@kubernetes/sig-api-machinery-pr-reviews @smarterclayton @lavalamp
Automatic merge from submit-queue (batch tested with PRs 43273, 44287, 44281)
[Federation] Remove deprecated federation-apiserver-kubeconfig secret
federation-apiserver-kubeconfig was deprecated and was supposed to be removed in 1.6.
Removing all references to it as we no longer use it.
**Release note**:
```
[Federation] Deprecated `federation-apiserver-kubeconfig` is not supported anymore. Should use `--kubeconfig` flag to specify Federation API server kubeconfig.
```
cc @kubernetes/sig-federation-pr-reviews
Automatic merge from submit-queue (batch tested with PRs 43273, 44287, 44281)
bump(github.com/onsi/ginkgo):v1.2.0-94-g5ca1211
Picks up parallel execution improvements in Ginkgo that distribute jobs more evenly with parallel runs. Opened after observing long tail runs in OpenShift - testing there showed a much more compact run in terms of CPU https://github.com/onsi/ginkgo/issues/333
We'll need some soak time to be sure this has no issues.
Automatic merge from submit-queue (batch tested with PRs 43866, 42748)
hack/cluster: download cfssl if not present
hack/local-up-cluster.sh uses cfssl to generate certificates and
will exit it cfssl is not already installed. But other cluster-up
mechanisms (GCE) that generate certs just download cfssl if not
present. Make local-up-cluster.sh do that too so users don't have
to bother installing it from somewhere.
Automatic merge from submit-queue
Update owners to include kerneltime
**What this PR does / why we need it**: Update owners to include kerneltime to help with PRs
Automatic merge from submit-queue (batch tested with PRs 43870, 30302, 42722, 43736)
federation: avoid double core group registration
The federation apiserver installed its custom core group into the global `pkg/api` registry, leading to double registration. Luckily (or maybe unfortunately) we did not fail hard in this case, but the init funcs just ignored the error.
This PR creates an extra apigroup registry based on the already existing federation `core.Scheme`. This decouples the two core groups (which happen to co-exist in hyperkube).
Automatic merge from submit-queue (batch tested with PRs 43870, 30302, 42722, 43736)
Admission plugin to merge pod and namespace tolerations for restricting pod placement on nodes
```release-note
This admission plugin checks for tolerations on the pod being admitted and its namespace, and verifies if there is any conflict. If there is no conflict, then it merges the pod's namespace tolerations with the the pod's tolerations and it verifies them against its namespace' whitelist of tolerations and returns. If a namespace does not have its default or whitelist tolerations specified, then cluster level default and whitelist is used. An example of its versioned config:
apiVersion: apiserver.k8s.io/v1alpha1
kind: AdmissionConfiguration
plugins:
- name: "PodTolerationRestriction"
configuration:
apiVersion: podtolerationrestriction.admission.k8s.io/v1alpha1
kind: Configuration
default:
- Key: key1
Value: value1
- Key: key2
Value: value2
whitelist:
- Key: key1
Value: value1
- Key: key2
Value: value2
```
Automatic merge from submit-queue
Update link in README after docs migration
Fixing what-is-k8s link in README. This removes an extra hop caused by docs migration.
Automatic merge from submit-queue
remove go-restful from namer for rest handling
Our RESTHandler code is currently tightly coupled to go-restful, but there's no reason for this coupling. It makes integrations that want API handling (decode, sanity check, admission, verb handling), but don't need the REST installer flow impractical. I know of two layers now: metrics and TPR.
This starts the process of unwinding by switching the `ScopeNamer` (used for request identification and selflinks) to use the standard http library along with the `RequestInfo` we place in the context for authorization and any other interested layer.
@kubernetes/sig-api-machinery-misc @smarterclayton @ncdc @sttts
Automatic merge from submit-queue (batch tested with PRs 41758, 44137)
Removed hostname/subdomain annotation.
fixes#44135
```release-note
Remove `pod.beta.kubernetes.io/hostname` and `pod.beta.kubernetes.io/subdomain` annotations.
Users should use `pod.spec.hostname` and `pod.spec.subdomain` instead.
```
Automatic merge from submit-queue
test/e2e*: add/update README.md files
**What this PR does / why we need it**:
This PR is adding `README.md` files with a link to the documentation to all E2E tests.
Automatic merge from submit-queue
only log stacks on server errors
Stack traces on http logging statements can be useful, but you usually only need them for server errors not for things like redirects or even client errors since the server won't be fixing those.
This tightens the "log stack" behavior to only happen for server errors. Messages will still be logged, but the automatic stacks will only come out for server errors.
@enj @mfojtik @smarterclayton
@kubernetes/sig-api-machinery-misc
Automatic merge from submit-queue
Improvements to mustrunas_test.go
refs #41990
Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#41990
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue
Improve event msg for PV controller when using external provisioner
Improve event msg for PV controller when using external provisioner
**Which issue this PR fixes** *:
Fixed part of #42121
**Special notes for your reviewer**:
@jsafrane, as many of our users are confused by the original message, can we fix the message first and then consider how to control the count of the events?
Tim Hockin