Automatic merge from submit-queue
Add local volume bug to known issues
**What this PR does / why we need it**:
Update known issues with local volume issue #48331
Automatic merge from submit-queue (batch tested with PRs 48399, 48450, 48144)
Skip errors when unregistering juju kubernetes-workers
**What this PR does / why we need it**: When removing a kubernetes node from using Juju and for some reason kubernetes master fails we should not error the node, instead we should proceed with the removal of the node and the master will recognise that node as unavailable because it will fail heartbeats.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes https://github.com/juju-solutions/bundle-canonical-kubernetes/issues/300
**Special notes for your reviewer**:
**Release note**:
```
Clean decommission of Juju kubernetes worker units
```
Automatic merge from submit-queue (batch tested with PRs 48399, 48450, 48144)
configure kube-proxy to run with unset conntrack param when in lxc
**What this PR does / why we need it**: Configures the Juju Charm code to run kube-proxy with `conntrack-max-per-core` set to `0` when in an lxc as a workaround for issues when mounting `/sys/module/nf_conntrack/parameters/hashsize`
**Release note**:
```release-note
Configures the Juju Charm code to run kube-proxy with conntrack-max-per-core set to 0 when in an lxc as a workaround for issues when mounting /sys/module/nf_conntrack/parameters/hashsize
```
Automatic merge from submit-queue (batch tested with PRs 48399, 48450, 48144)
Group and order imported packages.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #N/A
**Release note**:
```release-note-none
```
Automatic merge from submit-queue (batch tested with PRs 47162, 48444, 48445)
make the panic handler first
Move the panic handler to the beginning of the chain so that panics will get information in the log beyond a stack.
Automatic merge from submit-queue (batch tested with PRs 47162, 48444, 48445)
Introducing a cluster-scoped resource in the wardle.k8s.io group.
**What this PR does / why we need it**:
This PR adds a cluster-scoped resource to the wardle.k8s.io group.
The cluster scoped resource has a field that indicates Flunder.Names that are disallowed.
The resource is going to be used by an admission plugin.
The admission plugin will list the cluster-scope resources and check against banned names.
**Special notes for your reviewer**:
Issue: #47868
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48480, 48353)
remove tpr api access
xref https://github.com/kubernetes/kubernetes/issues/48152
TPR tentacles go pretty deep. This gets us started by removing API access and we'll move down from there.
@kubernetes/sig-api-machinery-misc
@ironcladlou this should free up the GC implementation since TPRs will no longer be present and failing.
```release-note
Removing TPR api access per https://github.com/kubernetes/kubernetes/issues/48152
```
Automatic merge from submit-queue (batch tested with PRs 48480, 48353)
Ensure namespace exists as part of RBAC reconciliation
reconciliation can race with the controller that creates the namespaces containing the bootstrap roles. if it loses, it gets a NotFound error trying to create the namespaced role/rolebinding.
Fixes https://github.com/kubernetes/kubeadm/issues/335
```release-note
RBAC role and role-binding reconciliation now ensures namespaces exist when reconciling on startup.
```
Automatic merge from submit-queue
Fix format of CHANGELOG
**What this PR does / why we need it**:
Fix format of CHANGELOG
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48473, 48341)
remove redundant alias
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
remove redundant alias
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48473, 48341)
Refactor podListEqual()
**What this PR does / why we need it**:
To solve the problem:
this is not correct if there are duplicate pods in the list.
for example: podListEqual([a, a, b], [a, b, b]) will return true
**Special notes for your reviewer**:
the original method is O(N^2), while current method is 3* O(N).
I think it is much better.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Factored out simulate from nodeShouldRunDaemonPod.
Addressed comments from https://github.com/kubernetes/kubernetes/pull/48189#issuecomment-312223162
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
none
```
/sig apps
Automatic merge from submit-queue
Pods which exit and won't restart should not be in the Endpoints.NotReadyAddresses
**What this PR does / why we need it**:
Such pods should not be in the Endpoints.NotReadyAddresses:
* Failed pods with restart policy=Never
* Succeeded pods with restart policy=Never
* Succeeded pods with restart policy=OnFailure
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#46776
**Special notes for your reviewer**:
/cc @wojtek-t
**Release note**:
```release-note
NONE
```
Refactors and removes the need for the more complex old code,
temporarily limits what output is shown for truly unknown objects (a
follow up change will allow server side handling and generic fallback),
and removes all of the generic printers in favor of a single code path.
Automatic merge from submit-queue
Use the azure certificate password when decoding the certificate
**What this PR does / why we need it**:
Use the correct password when decoding the azure client certificate.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#47286
cc @colemickens
Automatic merge from submit-queue
modify the meassage in kubectl secret command when the envFile path is not an file path
What this PR does / why we need it:
We found that the error message of kubectl secret command when the the envFile path is not an file path
is inaccurate and the style is different with which in kubectl configmap command. We modified “must be a file” to "env secret file cannot be a directory"
Special notes for your reviewer:
None
Automatic merge from submit-queue (batch tested with PRs 47043, 48448, 47515, 48446)
Fix charms leaving services running after remove-unit
**What this PR does / why we need it**:
This fixes a case where removed charm units can sometimes leave behind running services that interfere with the rest of the cluster.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
Fix charms leaving services running after remove-unit
```
Automatic merge from submit-queue (batch tested with PRs 47043, 48448, 47515, 48446)
Refactor slice intersection
**What this PR does / why we need it**:
In worst case, the original method is O(N^2), while current method is 3 * O(N).
I think it is better.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 47043, 48448, 47515, 48446)
Fix secret/configmap/projected volume update tests to work for large clusters
Fixes https://github.com/kubernetes/kubernetes/issues/48359
/cc @kubernetes/sig-node-pr-reviews @wojtek-t @gmarek
Automatic merge from submit-queue (batch tested with PRs 46926, 48468)
Fix typo in cluster size autoscaling tests selector
This caused tests not to be run automatically
Automatic merge from submit-queue (batch tested with PRs 46926, 48468)
Added helper funcs to schedulercache.Resource.
**What this PR does / why we need it**:
Avoid duplicated code slice by helper funcs.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#46924
**Release note**:
```release-note-none
```
The cluster scoped resource has a field that indicates Flunder.Names that are disallowed.
The resource is going to be used by an admission plugin.
The admission plugin will list the cluster-scope resources and check against banned names.
Issue: #47868
Automatic merge from submit-queue (batch tested with PRs 46928, 47345)
kubeadm: Move directory ./master to ./phases/controlplane
**What this PR does / why we need it**:
- Moves app/master into phases/controlplane. It should be in the phases directory, was just overlooked earlier
- Harmonizes the import names in phases/controlplane with the similar import names in cmd/kubeadm
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
Please review only second and third commit, based on https://github.com/kubernetes/kubernetes/pull/47339
Targets v1.8
**Release note**:
```release-note
NONE
```
@kubernetes/sig-cluster-lifecycle-pr-reviews @timothysc @pipejakob
Automatic merge from submit-queue
remove unused function and variable from audit backend
auditStringSlice is not used here anymore.
sink variable is also not used.
**Release note**:
```
NONE
```
Fixes: #47114
Kubernetes Submit Queue