Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Restore show-kind function when printing multiple kinds
Fixes#61979
* Makes the human readable printer work off the options given to it for displaying kind
* Simplifies get.go to pass showkind/kind options into the printer rather than doing conditional fixup afterward
```release-note
kubectl: restore the ability to show resource kinds when displaying multiple objects
```
Automatic merge from submit-queue (batch tested with PRs 59533, 61971). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Make certificate approve/deny no-op if CSR is already approved
Approval for CSRs is only needed once. If the CSR is already approved or
denied we can skip updating it. Add a `--force` flag that allows the
existing behavior for when a user has a specific need to update the CSR.
This is backwards compatible with the intended use of the conditions,
although it's possible some users are depending on the status being
updated. It makes bulk approval as an admin much faster for scripting.
@kubernetes/sig-auth-pr-reviews
```release-note
`kubectl certificate approve|deny` will not modify an already approved or denied CSR unless the `--force` flag is provided.
```
Automatic merge from submit-queue (batch tested with PRs 61929, 61965). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix dockershim CreateContainer error handling.
Found this bug in CRI validation test https://github.com/kubernetes-incubator/cri-tools/pull/282.
In https://github.com/kubernetes/kubernetes/pull/52077, we expect container creation to return error if `RunAsGroup` is specified without `RunAsUser` or `RunAsUsername`. However, the error returned is not handled.
@krmayankk This is only a corner case. Does this worth cherry-pick into 1.10?
@kubernetes/sig-node-bugs
Signed-off-by: Lantao Liu <lantaol@google.com>
**Release note**:
```release-note
none
```
Automatic merge from submit-queue (batch tested with PRs 61894, 61369). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Expose kubelet health checks using new prometheus endpoint
**What this PR does / why we need it**:
Expose the results of kubelet liveness and readiness probes through a new endpoint on the kubelet called /containerHealth. This endpoint will expose a Prometheus metric. Below is a snippet of output when that endpoint is queried.
```
rramkumar@e2e-test-rramkumar-master ~ $ curl localhost:10255/metrics/probes
# HELP prober_probe_result The result of a liveness or readiness probe for a container.
# TYPE prober_probe_result gauge
prober_probe_result{container_name="kube-apiserver",namespace="kube-system",pod_name="kube-apiserver-e2e-test-rramkumar-master",pod_uid="949e11ad296ad9e3c842fd900f8cc723",probe_type="Liveness"} 0
prober_probe_result{container_name="kube-controller-manager",namespace="kube-system",pod_name="kube-controller-manager-e2e-test-rramkumar-master",pod_uid="0abfc37840bba279706ec39ae53a924c",probe_type="Liveness"} 0
prober_probe_result{container_name="kube-scheduler",namespace="kube-system",pod_name="kube-scheduler-e2e-test-rramkumar-master",pod_uid="0cd4171f9c806808291e6e24f99f0454",probe_type="Liveness"} 0
prober_probe_result{container_name="l7-lb-controller",namespace="kube-system",pod_name="l7-lb-controller-v0.9.8-alpha.2-e2e-test-rramkumar-master",pod_uid="968c792f4c1772566c71403dca2407f9",probe_type="Liveness"} 0
```
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58235
**Release note**:
```release-note
Kubelet now exposes a new endpoint /metrics/probes which exposes a Prometheus metric containing the liveness and/or readiness probe results for a container.
```
Automatic merge from submit-queue (batch tested with PRs 61894, 61369). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use range in loops; misc fixes
**What this PR does / why we need it**:
It is cleaner to use `range` in for loops to iterate over channel until it is closed.
**Release note**:
```release-note
NONE
```
/kind cleanup
Approval for CSRs is only needed once. If the CSR is already approved or
denied we can skip updating it. Add a `--force` flag that allows the
existing behavior for when a user has a specific need to update the CSR.
This is backwards compatible with the intended use of the conditions,
although it's possible some users are depending on the status being
updated. It makes bulk approval as an admin much faster for scripting.
Automatic merge from submit-queue (batch tested with PRs 54997, 61869, 61816, 61909, 60525). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Balanced resource allocation priority to include volume count on nodes.
Scheduler balanced resource allocation priority to include volume count on nodes.
/cc @aveshagarwal @abhgupta
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58232
**Release note**:
```release-note
Balanced resource allocation priority in scheduler to include volume count on node
```
Automatic merge from submit-queue (batch tested with PRs 54997, 61869, 61816, 61909, 60525). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove alpha annotation for volume node affinity
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes # https://github.com/kubernetes/kubernetes/issues/61785
**Special notes for your reviewer**:
/assign @msau42
**Release note**:
```release-note
ACTION REQUIRED: Alpha annotation for PersistentVolume node affinity has been removed. Update your PersistentVolumes to use the beta PersistentVolume.nodeAffinity field before upgrading to this release
```
Automatic merge from submit-queue (batch tested with PRs 54997, 61869, 61816, 61909, 60525). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
certs: only append locally discovered addresses when we get none from the cloudprovider
The cloudprovider is right, and only cloudprovider addresses can be verified centrally, so don't add any extra when we have them.
Automatic merge from submit-queue (batch tested with PRs 54997, 61869, 61816, 61909, 60525). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Improve api validation unit test coverage
**What this PR does / why we need it**:
Add UT for ValidatePodLogOptions and AccumulateUniqueHostPorts
Before
```
coverage: 60.0% of statements
ok k8s.io/kubernetes/pkg/api/v1/validation 0.058s
```
After:
```
coverage: 92.9% of statements
ok k8s.io/kubernetes/pkg/api/v1/validation 0.057s
```
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61871, 61890, 61786). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add unit testcases for ensureExternalLoadBalancer to make sure it doesn't panic when errors raised.
**What this PR does / why we need it**:
Add unit testcases for ensureExternalLoadBalancer to make sure it doesn't panic when errors raised. Increase code coverage from 76.5% to 81.5%.
<!--
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
-->
**Release note**:
```release-note
NONE
```
\assign @MrHohn
Automatic merge from submit-queue (batch tested with PRs 61871, 61890, 61786). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Specify DHCP domain for hostname
**What this PR does / why we need it**:
In 9a8c6db448, we looked at the hostname
in the metadata service and used '.' as the delimiter to chop off the
dhcp_domain (specified in nova.conf). However administrators need to
better control the dhcp domain better as there may be a '.' in the host
name itself. So let's introduce a config option that we can use and
default it to what nova uses when dhcp_domain is not specified which is
"novalocal"
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
new dhcp-domain parameter to be used for figuring out the hostname of a node
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubectl: fix a panic when createGeneratedObject failed
**What this PR does / why we need it**:
This PR fixed two bugs in the `kubectl run` command.
The first commit fixed a panic that can be reproduced with the following two commands:
```bash
kubectl run --image=alpine hello -- sleep 1d
kubectl run --image=alpine --stdin --tty --attach hello -- /bin/sh
```
When the panic happens, the stack trace is as the following:
```
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x8 pc=0x12f92e6]
goroutine 1 [running]:
k8s.io/kubernetes/pkg/kubectl/cmd.RunRun(0x1890d20, 0xc4207f6210, 0x184e700, 0xc42000c010, 0x184e720, 0xc42000c018, 0x184e720, 0xc42000c020, 0xc42052ef00, 0xc42054f980, ...)
/home/star/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/pkg/kubectl/cmd/run.go:328 +0x10b6
k8s.io/kubernetes/pkg/kubectl/cmd.NewCmdRun.func1(0xc42052ef00, 0xc42054f980, 0x2, 0x8)
/home/star/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/pkg/kubectl/cmd/run.go:105 +0x144
...
```
The reason for the panic is that the original code didn't handle the error returned by `createGeneratedObject` correctly. See https://github.com/kubernetes/kubernetes/blob/master/pkg/kubectl/cmd/run.go#L281
If the function `createGeneratedObject` fails, the returned `runObject` will be `nil`. At https://github.com/kubernetes/kubernetes/blob/master/pkg/kubectl/cmd/run.go#L328 a nil pointer dereference will happen.
The second problem this PR fixed is a resource leak if both `--rm` and `--expose` flags are provided. The original code used a map (https://github.com/kubernetes/kubernetes/blob/master/pkg/kubectl/cmd/run.go#L280) to trace the created objects. But at https://github.com/kubernetes/kubernetes/blob/master/pkg/kubectl/cmd/run.go#L296 the code will overwrite the previously created object with the same key. So at https://github.com/kubernetes/kubernetes/blob/master/pkg/kubectl/cmd/run.go#L348 only the service will be deleted. The deployment will be left behind.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/kind bug
/sig cli
Automatic merge from submit-queue (batch tested with PRs 60990, 60947, 45275, 60565, 61091). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix service loadbalancer source range for ipvs proxy mode
**What this PR does / why we need it**:
fix service loadbalancer source range for ipvs proxy mode
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61090
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60990, 60947, 45275, 60565, 61091). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubectl cp command bug fix
**What this PR does / why we need it**:
when copy file from host to pod like this:
1.kubectl copy /tmp/test-file test-pod:/
2.kubectl copy /tmp/test-file test-pod:
example 1 will fail, example 2 will cause a panic.
This patch fix bugs above.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#60564
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60990, 60947, 45275, 60565, 61091). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Support multi-container pod for "kubectl logs"
kubectl logs -l will print logs for pods with the same label, however it doesn't support pods with multi containers. This change adds support to it with --all-containers.
Ussage:
$ kubectl logs my-pod --all-containers
$ kubectl logs -laa=bb --all-containers
$ kubectl logs my-pod my-container --all-containers (err: container should not combined with --all-containers)
**Release note**:
```
add --all-containers option to "kubectl log"
```
Fixes:
https://github.com/kubernetes/kubectl/issues/371
Automatic merge from submit-queue (batch tested with PRs 60990, 60947, 45275, 60565, 61091). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add conflict detection feature to apply strategy
- Add DetectConflictor interface on Element level. Implemented it for particular elements.
- If Options.FailOnConflict is enabled, Merge will detect conflict by invoking doConflictDecect for particular element,
returning ConflictError with details.
- Add tests, including use case examples and illustration. For example: list, map, and complicated combination.
**What this PR does / why we need it**:
Apply is being rewritten under pkg/kubectl/apply/strategy based on visitor pattern. The new merge and replace code should check for conflicts between the recorded value and the remote value, and optionally return an error if they do not match with the field and details. A conflict is if the same field is specified in BOTH the recorded and the remote values of an object, but does not match.
**Which issue(s) this PR fixes**:
Fixes#60945https://github.com/kubernetes/kubectl/issues/97
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Ensure reasons end up as comments in kubectl edit.
**What this PR does / why we need it**:
This PR helps making sure that all text in the header of the file is prefixed with `#` when using `kubectl edit` to fix schema validation errors. The problem is best described with an example:
*Before:*
```yaml
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
# mycrd "example-cr" was not valid:
# * []: Invalid value: map[string]interface {}{"apiVersion":"example.com/v1alpha1", "kind":"MyCRD", "metadata":map[string]interface {}{"clusterName":"", "creationTimestamp":"2018-03-09T16:16:41Z", "name":"example-cr", "namespace":"default", "resourceVersion":"12399", "selfLink":"", "uid":"4089f5bd-23b5-11e8-a33f-42010aa40081", "generation":0}, "spec":map[string]interface {}{"size":-1}}: validation failure list:
spec.size in body should be greater than or equal to 1
#
apiVersion: example.com/v1alpha1
kind: MyCRD
```
This obviously won't be accepted as input, the user having to manually add a `#` to the line in the header.
*After:*
```yaml
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
# mycrd "example-cr" was not valid:
# * []: Invalid value: map[string]interface {}{"apiVersion":"example.com/v1alpha1", "kind":"MyCRD", "metadata":map[string]interface {}{"clusterName":"", "creationTimestamp":"2018-03-09T16:16:41Z", "name":"example-cr", "namespace":"default", "resourceVersion":"12399", "selfLink":"", "uid":"4089f5bd-23b5-11e8-a33f-42010aa40081", "generation":0}, "spec":map[string]interface {}{"size":-1}}: validation failure list:
# spec.size in body should be greater than or equal to 1
#
apiVersion: example.com/v1alpha1
kind: MyCRD
```
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
(None that I am aware of)
**Special notes for your reviewer**:
(None)
**Release note**:
```release-note
Ensure reasons end up as comments in `kubectl edit`.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Set leader-elect for kube-scheduler to true
**What this PR does / why we need it**:
Thanks to some great sleuthing by ikruglov!
kube-controller-manager defaults --leader-elect to true. We should
do the same for kube-scheduler. kube-scheduler used to have this
set to true, but it got lost during refactoring in:
efb2bb71cd
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#59729
**Special notes for your reviewer**:
**Release note**:
```release-note
kube-scheduler has been fixed to use `--leader-elect` option back to true (as it was in previous versions)
```
Thanks to some great sleuthing by ikruglov!
kube-controller-manager defaults --leader-elect to true. We should
do the same for kube-scheduler. kube-scheduler used to have this
set to true, but it got lost during refactoring in:
efb2bb71cd
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add support of Azure standard load balancer and public IP
**What this PR does / why we need it**:
This PR adds a new configure `loadBalancerSku` and `excludeMasterFromStandardLB` to support Azure standard load balancer and public IP.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
First step of #60485
**Special notes for your reviewer**:
This is the first step of #60485, and only VMAS is supported yet. VMSS support will be added in a following PR.
**Release note**:
```release-note
Azure cloud provider now supports standard SKU load balancer and public IP. To use it, set cloud provider config with
{
"loadBalancerSku": "standard",
"excludeMasterFromStandardLB": true,
}
If excludeMasterFromStandardLB is not set, master nodes are also added to the backend of standard LB.
```
In 9a8c6db448, we looked at the hostname
in the metadata service and used '.' as the delimiter to chop off the
dhcp_domain (specified in nova.conf). However administrators need to
better control the dhcp domain better as there may be a '.' in the host
name itself. So let's introduce a config option that we can use and
default it to what nova uses when dhcp_domain is not specified which is
"novalocal"
Automatic merge from submit-queue (batch tested with PRs 61829, 61908, 61307, 61872, 60100). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
node authorizer sets up access rules for dynamic config
This PR makes the node authorizer automatically set up access rules for
dynamic Kubelet config.
I also added some validation to the node strategy, which I discovered we
were missing while writing this.
This PR is based on another WIP from @liggitt.
```release-note
The node authorizer now automatically sets up rules for Node.Spec.ConfigSource when the DynamicKubeletConfig feature gate is enabled.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
CRI: define the mount behavior when host path does not exist
**What this PR does / why we need it**:
This PR defines the mounting behavior when host path does not exist in CRI. Specifically,
- If the hostPath doesn't exist (e.g. hostPath volume), runtimes should report errors
- If the specified hostPath is a symlink, runtimes should follow the symlink and mount the real destination to the container
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#52318
**Special notes for your reviewer**:
**Release note**:
```release-note
CRI: define the mount behavior when host path does not exist: runtime should report error if the host path doesn't exist
```
Automatic merge from submit-queue (batch tested with PRs 57658, 61304, 61560, 61859, 61870). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
certs: exclude more nonsensical addresses from SANs
I noticed this when I saw 169.254.* SANs using server TLS bootstrap.
This change excludes more nonsensical addresses from being requested as
SANs in that flow.
Automatic merge from submit-queue (batch tested with PRs 61904, 61565, 61401, 61432, 61772). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove rktnetes code
**What this PR does / why we need it**:
rktnetes is scheduled to be deprecated in 1.10 (#53601). According to the deprecation policy for beta CLI and flags, we can remove the feature in 1.11.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58721
**Special notes for your reviewer**:
**Release note**:
```release-note
Removed rknetes code, which was deprecated in 1.10.
```
/assign @yujuhong
/hold
Hold until the end of the freeze.
Automatic merge from submit-queue (batch tested with PRs 60420, 60590). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add UT test in qos if pod has one container scene
**What this PR does / why we need it**:
Add UT test in qos if pod has one container scene
https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add kubectl config view --raw example help user use
**What this PR does / why we need it**:
ref https://github.com/kubernetes/kubernetes/issues/61573
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
**Special notes for your reviewer**:
cc @liggitt @soltysh @juanvallejo
**Release note**:
```release-note
NONE
```
I noticed this when I saw 169.254.* SANs using server TLS bootstrap.
This change excludes more nonsensical addresses from being requested as
SANs in that flow.
Automatic merge from submit-queue (batch tested with PRs 61842, 61477, 61777). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Turn server-print on by default in kubectl
**What this PR does / why we need it**:
#55637 introduced `-experimental-server-print` that enabled users to opt-in to user server-side printing. This is a followup which enables this functionality by default, with the ability to fallback not to do it with `--server-print=false`.
/assign @smarterclayton @juanvallejo
**Release note**:
```release-note
Enable server-side print in kubectl by default, with the ability to turn it off with --server-print=false
```
Automatic merge from submit-queue (batch tested with PRs 61842, 61477, 61777). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use relative path for creating socket files
Fixes possible flake because of long TMPDIR path for bazel builds. Using relative path for creating unix sockets, the limit on length of unix socket path can be worked around.
Fixes https://github.com/kubernetes/kubernetes/issues/61844
```release-note
None
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Critical pods shouldn't be restricted to kube-system
**What this PR does / why we need it**:
To make sure that critical pods are not restricted to kube-system namespace.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#60596
**Special notes for your reviewer**:
@bsalamat @liggitt @aveshagarwal - Can we hold this till we merge quota restriction PR #57963.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60166, 61706, 61769). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
use status.Errorf instead of Deprecated func grpc.Errorf
**What this PR does / why we need it**:
```
// Deprecated; use status.Errorf instead.
func Errorf(c codes.Code, format string, a ...interface{}) error {
return status.Errorf(c, format, a...)
}
```
func grpc.Errorf will be deprecated
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
use status.Errorf instead of Deprecated func grpc.Errorf
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Kubernetes Submit Queue