Automatic merge from submit-queue (batch tested with PRs 44590, 44969, 45325, 45208, 44714)
Enable basic auth username rotation for GCI
When changing basic auth creds, just delete the whole file, in order to be able to rotate username in addition to password.
Centos has sha1sum, instead of "shasum -a1". Modified script to
check for existence fo shasum, and if not present, use sha1sum
for coverage test processing. If neither are available, an error
will be reported and processing stopped.
Automatic merge from submit-queue
Kubectl taint node based on label selector
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #44522
**Release note**:
```
Taints the node based on label selector
```
Automatic merge from submit-queue (batch tested with PRs 45322, 44770, 45411)
Fix and make TaintManager harder to break before we move it out of NC
Fix#45342
cc @gyliu513
Automatic merge from submit-queue (batch tested with PRs 45322, 44770, 45411)
Re-architecture of scheduler perf tests to make them more extendable
**What this PR does / why we need it**:
**Special notes for your reviewer**:
This is for re-architecture of scheduler, so that we can enable or disable certain predicates and priorities and see their impact.
**Release note**:
```release-note
Scheduler perf modular extensions.
```
Automatic merge from submit-queue (batch tested with PRs 45322, 44770, 45411)
Put podAntiAffinity in PodSpec.
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
In 1.6, we moved the `affinity` from `annotations` to `PodSpec`, but the `annotations` still works with `AffinityInAnnotations=true`. Please check https://docs.google.com/document/d/1YP3OJTKMpXkWAhipPjx9-bDMxJ87JZ6AcVak7c3SGos/edit for detail.
**Release note**:
```release-note
```
Fixed#45318
Automatic merge from submit-queue
add set rolebinding/clusterrolebinding command
add command to set user/group/serviceaccount in rolebinding/clusterrolebinding /cc @liggitt @deads2k
Automatic merge from submit-queue
OWNERS: add directxman12 to pkg/apis/autoscaling
Added directxman12 (current SIG lead of SIG-autoscaling) as a reviewer for pkg/apis/autoscaling.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 43732, 45413)
Extend timeouts in timed_workers_test
Fix#45375
If it won't be enough I'll rewrite it to allow injectable timers.
Automatic merge from submit-queue (batch tested with PRs 43732, 45413)
Handle maxUnavailable larger than spec.replicas
**What this PR does / why we need it**:
Handle maxUnavailable larger than spec.replicas
**Which issue this PR fixes**
fixes#42479
**Special notes for your reviewer**:
None
**Release note**:
```
NONE
```
Automatic merge from submit-queue
Edge based userspace proxy
Second last PR from my changes to kube-proxy to make it event-based.
This is switching userspace proxy to be even-based similarly to what we already did with iptables.
Automatic merge from submit-queue
Keep UserAgentName style consistent
Keep using UserAgentName for controllers and add some logs for debugging
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Only tag release containers if the name is different.
Fixes docker build issue found recently when trying to build v1.7.0-alpha.3.
ref #44981
Automatic merge from submit-queue
Fix yet another bug in OpenAPI extension generation
A comment extension for a type is ignored if the type already has extensions (e.g. GVK).
Automatic merge from submit-queue (batch tested with PRs 45364, 45369, 45323)
Fix namespace deletion log in e2e test framework.
**What this PR does / why we need it**:
Current log message for namespace deletion will show under wrong condition.
**Which issue this PR fixes**
**Release note**:
NONE
Automatic merge from submit-queue (batch tested with PRs 45364, 45369, 45323)
kubeadm: edit apiserver flags for storage-backend
**What this PR does / why we need it**: Since storage-backend defaults to etcd3 in 1.6 (see https://github.com/kubernetes/kubernetes/pull/36229), no need to have a flag defining the default.
**Special notes for your reviewer**: /cc @luxas
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
[Federation] Record events in federated updater
Controllers for federated types were previously recording events when generating the list of operations. This change delegates responsibility for recording events to the federated updater so that events are recorded when the operations are actually executed, and ensures consistency across recording of both operation initiation and failure.
The deletion helper was similarly updated to rely on the federated updater for event recording. To support this change to the deletion helper, controllers have been updated to provide a namespace qualified name via the objNameFunc function to ensure that the updater can record events for deletions with the same detail as for add and update operations.
cc: @kubernetes/sig-federation-pr-reviews @perotinus
Automatic merge from submit-queue (batch tested with PRs 45309, 45376)
kubeadm: Fix the tainting of the master node
**What this PR does / why we need it**:
Currently, kubeadm unintentionally removes Taints set with the kubelet flag `--register-with-taints` when creating a new Taint slice instead of appening the existing one. This PR fixes that behavior.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
This should be a cherrypick candidate for v1.6 cc @enisoc
**Release note**:
```release-note
kubeadm: Fix invalid assign statement so it is possible to register the master kubelet with other initial Taints
```
@jbeda @dmmcquay @mikedanese @krousey PTAL, very straightforward PR
Automatic merge from submit-queue (batch tested with PRs 45309, 45376)
Allow passing --enable-kubernetes-alpha to GKE e2e tests
**What this PR does / why we need it**:
This allows us to pass --enable-kubernetes-alpha when running GKE e2e tests.
**Release note**:
```
NONE
```
@dchen1107
Automatic merge from submit-queue
De-flaking E2E: PersistentVolumes[Disruptive] - restart kubelet via service manager CLI
Current process for restarting the kubelet accesses `/etc/init.d/kubelet`, which is not a common path across OSes. This PR changes the behavior of `kubeletCommand()` to instead attempt restarting the kubelet service through the system manager CLI. It first attempts a systemd call, then falls back to sysVinit. If neither calls work, the test exits.
This PR _does not_ remove `[Flaky]`. Right now, the test fails consistently in the gci-gce-flaky suite. After merge, I'll monitor the test grid for ~week. If no flakes appear, I'll submit a pr to pull the Flaky tag off.
Additional Changes
- Improved error messages
- Cleanup on failure in `initTestCase`
Fixes#44933
**Release note**:
```release-note
NONE
```
Kubernetes Submit Queue