Automatic merge from submit-queue
Update proposed flag names for kubelet eviction
This PR changes the flag names proposed in kubelet eviction for minimum amount of resource to reclaim when triggering an eviction.
This captures the design change proposed and agreed to in #27199
Having it in a separate PR removes noise from reviewing the core PR.
/cc @vishh @ronnielai PTAL
Automatic merge from submit-queue
Makefile fixes and speed
A few fixes that, together, make the 'make' experience smoother and more seamless.
* `make clean all` works (@soltysh)
* `make clean` does no spend 5 seconds loading deps just to remove them
* deps building is faster
Fixes#28890
Ref #8830
Automatic merge from submit-queue
CRI: add LinuxUser to LinuxContainerConfig
Following discussion in https://github.com/kubernetes/kubernetes/pull/25899#discussion_r70996068
The Container Runtime Interface should provide runtimes with User information to run the container process as (OCI being one of them).
This patch introduces a new field `user` into `LinuxContainerConfig` structure. The `user` field introduces also a new type structure `LinuxUser` which consists of `uid`, `gid` and `additional_gids`.
The `LinuxUser` struct has been embedded into `LinuxContainerConfig` to leave space for future implementations which are not Linux-related (e.g. Windows may have a different representation of _Users_).
If you feel naming can be better we can probably move `LinuxUser` to `UnixUser` also.
/cc @mrunalp @vishh @euank @yujuhong
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Automatic merge from submit-queue
Delaying deliverer for Federated ReplicaSet
A helper struct to push data to a channel after a given delay. It runs on a single gouroutine and allows updates. An update cancels previous delivery if it was about to happen later than the new one. Otherwise the new update is discarded.
All data require a string key that is used to identify the data (for updates and de-duplication).
cc: @quinton-hoole @wojtek-t
Automatic merge from submit-queue
Federation: Use equivalent() instead of == to compare DNS ResourceRecordSets. Fixes#28135
Without this we sometimes incorrectly assume that DNS records hosted on cloud DNS servers need to be replaced when they don't need to be. This results in unnecessary churn on DNS records.
cc: @nikhiljindal @madhusudancs @mfanjie FYI
Automatic merge from submit-queue
test/e2e: plug time.Ticker resource leak.
This commit ensures that `logPodStartupStatus` does not leak
running `time.Ticker` instances. Upon termination of the consuming
routine, we stop the ticker.
Automatic merge from submit-queue
Removing images with multiple tags
If an image has multiple tags, we need to remove all the tags in order to make docker image removing successful.
#28491
Automatic merge from submit-queue
add enhanced volume and mount logging for block devices
Fixes#24568
Adding better logging and debugging for block device volumes and the shared SafeFormatAndMount (aws, gce, flex, rbd, cinder, etc...)
Automatic merge from submit-queue
Flannel doc description cidr modify
File "docs\proposals\flannel-integration.md", line 123, "node controller backs off cidr allocation", here cidr is not easy to understand, can be modified to CIDR.
Automatic merge from submit-queue
use regular client instead of kubectl in scheduler predicate tests when checking/setting/cleanning taints/labels
The existing implementation in scheduler predicate tests uses kubectl to check/set/clean taints/labels on node, which makes the test very related to kubectl.
This PR is to use regular client instead.
Automatic merge from submit-queue
two optimization for StartControllers in controllermanager.go
The PR changed two places to optimise StartControllers function in controllermanager.go.
Automatic merge from submit-queue
Add "federation" API group to the known versions list of federation API clients.
PR #29302 did not to add a list of known API groups to the release_1_4 client and that broke our tests. This PR should fix it (hopefully).
cc @quinton-hoole @nikhiljindal @kubernetes/sig-cluster-federation
Ref: #28615.
Automatic merge from submit-queue
controller/service: minor cleanup
1. always handle short case first for if statement
2. do not capitalize error message
3. put the mutex before the fields it protects
4. prefer switch over if elseif.
Automatic merge from submit-queue
Fix incorrect if conditions
When the current conditions `if inspect == nil && inspect.Config == nil && inspect.Config.Labels == nil` is true, the func containerAndPodFromLabels will return. else will not. Suppose `inspect != nil` but `inspect.Config == nil`, the current conditions will be false and the func won't return, then the below `labels := inspect.Config.Labels` will lead to panic.
Automatic merge from submit-queue
append an abac rule for $KUBE_USER.
Allows the specified basic-auth credentials to be authorized against all resources.
Fixes#28869.
This operation takes 2-5 seconds on every build, but doesn't actually need to
run most of the time. Now we cache it and see if it needs a rebuild (fast)
before actually rebuilding (slow).
Previously even 'make clean' would first produce dependency information (slow)
and sinclude all the metadata, possibly restarting the make, before removing
the things it just did.
Now dependencies are only processed when something explicitly depends on them,
by calling 'make' on the rules around generated files, rather than sincluding
them.
Net result: make clean is faster and safer. Additionally, bash tab-completion
for 'make' does not run the slow 'find' any more.
Automatic merge from submit-queue
Updating federation controllers to use release_1_4 clientset instead of release_1_3 clientset
release_1_4 client was introduced in https://github.com/kubernetes/kubernetes/pull/26588.
Motivation for this change: All changes are now being done to release_1_4 clientset. Namespaces for ex is included in federation_release_1_4 clientset but not in federation_release_1_3.
cc @caesarxuchao @kubernetes/sig-cluster-federation
Automatic merge from submit-queue
Add load balancer in front of apiserver in HA master setup
The first commit is just https://github.com/kubernetes/kubernetes/pull/29201 and has been already LGTMed.
Second commit has some small fixes:
1. Precompute REGION variable in config
2. Add timeout for waiting for loadbalancer
3. Fix kube-down so that it doesn't delete some resources if there are still masters/nodes in other zones
Second commit also fixes bug in https://github.com/kubernetes/kubernetes/pull/29201 where variable `REGION` was unset in `kube-down` when deleting master IP. The bug caused leaking of IP addresses.
https://github.com/kubernetes/kubernetes/issues/21124
@davidopp @jszczepkowski @wojtek-t @mikedanese
Automatic merge from submit-queue
Revert "Drop support for --gce-service-account, require activated creds"
Reverts kubernetes/kubernetes#28802
This appears to break the soak tests with "invalid grant" errors -- see the recent batch of errors in #27920.
derekwaynecarr