Automatic merge from submit-queue
kubeadm: Fix preflight check failure on node join.
We recently improved this to tolerate existence of things like
/etc/kubernetes/manifests/ as an empty dir, but forgot to do so for the
join pre-flight checks where it is also failing.
Instead ensure only the sub-directories and files we need are available.
CC @luxas @kubernetes/sig-cluster-lifecycle
Automatic merge from submit-queue
[Federation][(Un)join-01] Refactor common functions and structs into a util package.
Please review only the last commit here. This is based on PR #35495 which will be reviewed independently.
Design Doc: PR #34484
cc @kubernetes/sig-cluster-federation @quinton-hoole @nikhiljindal
Automatic merge from submit-queue
[Federation][unjoin-00] Implement `kubefed unjoin` command.
Please review only the last commit here. This is based on PR #35493 which will be reviewed independently.
I will add a release note separately for this entire feature, so please don't worry too much about the release note here in the PR.
Design Doc: PR #34484
cc @kubernetes/sig-cluster-federation @quinton-hoole @nikhiljindal
mac bash doesn't like |& because mac bash is really old. the formating of wc
is also sligthly different then on linux
```
$ # on linux
$ echo -n | wc -l
0
$ # on mac
$ echo -n | wc -l
0
```
Automatic merge from submit-queue
Move .gitattributes annotation to the root, so GitHub will respect them.
This should fix the merge conflicts by letting GitHub use the simpler line-by-line algorithm for this file. Having .gitattributes in a sub-directory would work for local merging, but would show conflicts on the web UI.
Automatic merge from submit-queue
Expose etcd version.
Ref #20504
This PRs makes use of the following two env variables
- ETCD_IMAGE (if set) allows to use a custom etcd image.
- ETCD_VERSION (if set) allows you to use custom version of etcd. The main purpose of using it may be rollback of etcd v3 API, where we need 3.0.* image, but are rolling back to 2.3.7.
We recently improved this to tolerate existence of things like
/etc/kubernetes/manifests/ as an empty dir, but forgot to do so for the
join pre-flight checks where it is also failing.
Instead ensure only the sub-directories and files we need are available.
Automatic merge from submit-queue
bazel: fix and start verify ./vendor/BUILD
-dry-run was not verifying vendor because the walkVendor path didn't print out a "wrote BUILD in ./vendor" message.
This is fixed by https://github.com/mikedanese/gazel/pull/2
Automatic merge from submit-queue
Avoid double decoding all client responses
Fixes#35982
The linked issue uncovered that we were always double decoding the response in restclient for get, list, update, create, and patch. That's fairly expensive, most especially for list. This PR refines the behavior of the rest client to avoid double decoding, and does so while minimizing the changes to rest client consumers.
restclient must be able to deal with multiple types of servers. Alter the behavior of restclient.Result#Raw() to not process the body on error, but instead to return the generic error (which still matches the error checking cases in api/error like IsBadRequest). If the caller uses
.Error(), .Into(), or .Get(), try decoding the body as a Status.
For older servers, continue to default apiVersion "v1" when calling restclient.Result#Error(). This was only for 1.1 servers and the extensions group, which we have since fixed.
This removes a double decode of very large objects (like LIST) - we were trying to DecodeInto status, but that ends up decoding the entire result and then throwing it away. This makes the decode behavior specific to the type of action the user wants.
```release-note
The error handling behavior of `pkg/client/restclient.Result` has changed. Calls to `Result.Raw()` will no longer parse the body, although they will still return errors that react to `pkg/api/errors.Is*()` as in previous releases. Callers of `Get()` and `Into()` will continue to receive errors that are parsed from the body if the kind and apiVersion of the body match the `Status` object.
This more closely aligns rest client as a generic RESTful client, while preserving the special Kube API extended error handling for the `Get` and `Into` methods (which most Kube clients use).
```
See issue #33128
We can't rely on the device name provided by Cinder, and thus must perform
detection based on the drive serial number (aka It's cinder ID) on the
kubelet itself.
This patch re-works the cinder volume attacher to ignore the supplied
deviceName, and instead defer to the pre-existing GetDevicePath method to
discover the device path based on it's serial number and /dev/disk/by-id
mapping.
This new behavior is controller by a config option, as falling back
to the cinder value when we can't discover a device would risk devices
not showing up, falling back to cinder's guess, and detecting the wrong
disk as attached.
Automatic merge from submit-queue
[Federation][join-01] Implement `kubefed join` command.
Supersedes PR #35155.
Please review only the last commit here. This is based on PR #35492 which will be reviewed independently.
I will add a release note separately for this entire feature, so please don't worry too much about the release note here in the PR.
Design Doc: PR #34484
cc @kubernetes/sig-cluster-federation @quinton-hoole @mwielgus
Automatic merge from submit-queue
Making the pod.alpha.kubernetes.io/initialized annotation optional in PetSet pods
**What this PR does / why we need it**: As of now, the absence of the annotation `pod.alpha.kubernetes.io/initialized` in PetSets causes the PetSet controller to effectively "pause". Being a debug hook, users expect that its absence has no effect on the working of a PetSet. This PR inverts the logic so that we let the PetSet controller operate as expected in the absence of the annotation.
Letting the annotation remain alpha seems ok. Renaming it to something more meaningful needs further discussion.
**Which issue this PR fixes** _(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)_: fixes https://github.com/kubernetes/kubernetes/issues/35498
**Special notes for your reviewer**:
**Release note**:
``` release-note
The annotation "pod.alpha.kubernetes.io/initialized" on StatefulSets (formerly PetSets) is now optional and only encouraged for debug use.
```
cc @erictune @smarterclayton @bprashanth @kubernetes/sig-apps
@kow3ns The examples will need to be cleaned up as well I think later on to remove them.
Automatic merge from submit-queue
Fix build break on non-Linux OS introduced in 87aaf4c0
**What this PR does / why we need it**: simple fix for build breakage on non-Linux OS.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
**Special notes for your reviewer**:
```console
+++ [1102 11:16:58] linux/amd64: go build started
+++ [1102 11:20:11] linux/amd64: go build finished
+++ [1102 11:16:58] darwin/amd64: go build started
# k8s.io/kubernetes/pkg/kubelet/dockershim/cm
pkg/kubelet/dockershim/cm/container_manager_unsupported.go:33: undefined: fmt in fmt.Errorf
+++ [1102 11:16:58] windows/amd64: go build started
# k8s.io/kubernetes/pkg/kubelet/dockershim/cm
pkg/kubelet/dockershim/cm/container_manager_unsupported.go:33: undefined: fmt in fmt.Errorf
Makefile:79: recipe for target 'all' failed
make[1]: *** [all] Error 1
Makefile:255: recipe for target 'cross' failed
make: *** [cross] Error 1
Makefile:239: recipe for target 'release' failed
make: *** [release] Error 1
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
split scheduler priorities into separate files
In the current state it's really hard to find a thing one is looking for, if he doesn't know already know where to look. cc @davidopp
Automatic merge from submit-queue
Hide groups with new versions from old kubectl
Fix https://github.com/kubernetes/kubernetes/issues/35791
**What caused the bug?**
In 1.5, we are going to graduate Policy and Apps to beta. Old version kubectl doesn't has the new versions built-in, its TRP dynamic discover thinks Policy/v1beta1 is a TPR, and tried to register it in kubectl's scheme. The registration failed because Policy group already exist, because kubectl had registered Policy.v1alpha1.
**How does this PR fix the bug?**
This PR let the API server hides Policy and Apps from old version kubectl, so TPR discovery won't see them.
Old version kubectl doesn't know about Policy/v1beta1 or Apps/v1beta1, and v1alpha1 will be removed, so old version kubectl won't work for Policy or Apps anyway, so this PR does not cause any function loss.
@kubernetes/sig-api-machinery @liggitt @smarterclayton @deads2k @janetkuo @mwielgus
GetDevicePath was currently coded to only support Nova+KVM style device
paths, update so we also support Nova+ESXi and leave the code such that
new pattern additions are easy.
Vishnu Kannan
