Automatic merge from submit-queue
Rewrite service controller to apply best controller pattern
This PR is a long term solution for #21625:
We apply the same pattern like replication controller to service controller to avoid the potential process order messes in service controller, the change includes:
1. introduce informer controller to watch service changes from kube-apiserver, so that every changes on same service will be kept in serviceStore as the only element.
2. put the service name to be processed to working queue
3. when process service, always get info from serviceStore to ensure the info is up-to-date
4. keep the retry mechanism, sleep for certain interval and add it back to queue.
5. remote the logic of reading last service info from kube-apiserver before processing the LB info as we trust the info from serviceStore.
The UT has been passed, manual test passed after I hardcode the cloud provider as FakeCloud, however I am not able to boot a k8s cluster with any available cloudprovider, so e2e test is not done.
Submit this PR first for review and for triggering a e2e test.
Automatic merge from submit-queue
fix annotate.go single resource check
```release-note
Fix issue with kubectl annotate when --resource-version is provided.
```
When using `kubectl annotate` with a `--resource-version` on a resource, such as `kubectl annotate pod <pod_name> --resource-version=1820 description='myannotation'`, the command fails with the error: `error: --resource-version may only be used with a single resource`.
Upon printing the output of `resources` that the annotate command receives from cli args, it prints: `Resources:[pod <pod_name>]`. In other words, it treats the name of the resource as a second resource. This PR addresses this issue by using the resource builder `Singular` flag to determine if only a single resource was passed.
Automatic merge from submit-queue
Replace with explicit kubernetes fork path
At other place in development.md, explicit kubernetes fork path has been existed:
mkdir -p $GOPATH/src/k8s.io
cd $GOPATH/src/k8s.io
# Replace "$YOUR_GITHUB_USERNAME" below with your github username
git clone https://github.com/$YOUR_GITHUB_USERNAME/kubernetes.git
the following is easy to be confused and can be replaced with same description:
git clone https://path/to/your/fork .
Automatic merge from submit-queue
Added test to density that will run maximum capacity pods on nodes
Added a test to the Density Suite that will load the kubelets with their maximum capacity number of pods
Automatic merge from submit-queue
Reverted conversion of influx-db to PetSet.
```release-note
Reverted conversion of influx-db to Pet Set, it is now a Replication Controller.
```
Reverted conversion of influx-db to PetSet, it is now a Replication Controller and Persistent Volumes are no longer used.
* Add a pillar for hostname (because even if there's a good Salt
function for it, I don't trust it to return the short hostname)
* Move INITIAL_ETCD_CLUSTER to just the GCE turn-up
* Remove the master_name, which isn't needed as a pillar
Automatic merge from submit-queue
Handle container terminated but pod still running in conditions
Sometimes when you have a pod with more than one container, and the container runs and terminates really fast, `PodContainerRunning` can go into a state where the pod indicates it's still running, but the container is already terminated. Handle that condition by returning `ErrContainerTerminated` when it happens.
Automatic merge from submit-queue
Replacing skydns with kubedns for the juju cluster. #29720
```release-note
* Updating the cluster/juju provider to use kubedns in place of skydns.
```
Automatic merge from submit-queue
Install go-bindata in cross-build image
Another follow-up to #25584.
We need `go-bindata` to create `test/e2e/generated`, and downloading it with `go get` at build time is painful for a variety of reasons. We can just include it in the cross-build image and not worry about it, especially as it updates very infrequently.
This fixes `hack/update-generated-protobuf.sh` as well.
cc @jayunit100 @soltysh
Automatic merge from submit-queue
pv e2e refactor and pre-bind test
refactored persistentvolume e2e so that multiple It() tests can be run. Added one test case for pre-binding, but the overall structure of the test should allow additional test cases to be more easily added.
Automatic merge from submit-queue
rbac validation: rules can't combine non-resource URLs and regular resources
This PR updates the validation used for RBAC to prevent rules from mixing non-resource URLs and regular resources.
For example the following is no longer valid
```yml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1alpha1
metadata:
name: admins
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["*"]
nonResourceURLs: ["*"]
```
And must be rewritten as so.
```yml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1alpha1
metadata:
name: admins
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["*"]
- nonResourceURLs: ["*"]
verbs: ["*"]
```
It also:
* Mandates non-zero length arrays for required resources.
* Mandates non-resource URLs only be used for ClusterRoles (not namespaced Roles).
* Updates the swagger validation so `verbs` are the only required field in a rule. Further validation is done by the server.
Also, do we need to bump the API version?
Discussed by @erictune and @liggitt in #28304
Updates kubernetes/features#2
cc @kubernetes/sig-auth
Edit:
* Need to update the RBAC docs if this change goes in.
Automatic merge from submit-queue
Make verify-godeps check the results
Verify the results of godep restore/save. When forced to run this finds a handful of real deltas that need to be resolved.
Fixes#29402
@rmmh because you wrote #29571 which is the major culprit
Automatic merge from submit-queue
Prepare for using "ControllerRef" in scheduler
This is part of a PR that I already have to avoid a bunch of rebases in the future (controller ref probably won't happen in 1.4 release).
@davidopp
Automatic merge from submit-queue
Resolve docker-daemon cgroup issue for both systemd and non-systemd node for node e2e tests
Fixed https://github.com/kubernetes/kubernetes/issues/29827
cc/ @coufon this should unblock your pr: #29764
I validated both containervm image and coreos image, and works as expected.
This is also required for adding gci image to node e2e test infrastructure.
Automatic merge from submit-queue
Fix deployment e2e test: waitDeploymentStatus should error when entering an invalid state
Follow up #28162
1. We should check that max unavailable and max surge aren't violated at all times in e2e tests (didn't check this in deployment scaled rollout yet, but we should wait for it to become valid and then continue do the check until it finishes)
2. Fix some minor bugs in e2e tests
@kubernetes/deployment
derekwaynecarr