Automatic merge from submit-queue
vSphere cloud provider: ExternalID/InstanceID not returning appropriate error for non-existing VM
Addresses #33215.
When vCenter returns error vm not found, this is now being translated to
the appropriate error 'cloudprovider.InstanceNotFound' which indicates
to Kubernetes node controller that the VM is in fact not found.
Automatic merge from submit-queue
add system:discovery role
Adds a role for version negotiation from `kubectl`.
@mlbiam ptal. If it works for you, I think we can merge it.
@kubernetes/sig-auth fyi
Automatic merge from submit-queue
controller: don't retry deployments with overlapping selectors
Returning an error will cause the deployment to be requeued. We should
just emit an event for deployments with overlapping selectors and silently
drop then out of the queue. This should be transitioned to a Condition
once we have them.
@kubernetes/deployment ptal
Automatic merge from submit-queue
Add targets for PHONY in Makefile
Add targets for PHONY in Makefile and keep the same style between rules and PHONY
Signed-off-by: yuexiao-wang <wang.yuexiao@zte.com.cn>
Automatic merge from submit-queue
local-up-cluster.sh: add SERVICE_CLUSTER_IP_RANGE as option
Allows the user the use an environment variable to specify the SERVICE_CLUSTER_IP_RANGE without modifying the `hack/local-up-cluster.sh` script.
Signed-off-by: André Martins <aanm90@gmail.com>
Automatic merge from submit-queue
Prune unused parameters and call only once
Two parameters of `InstallServiceErrorHandler` were not used. Pruning them allows us to move the service error handler installation for each api group to be moved into the constructor.
Automatic merge from submit-queue
Fix cache expiration check
The check for whether an entry in the `forceLiveLookup` cache had expired was backwards. Fixed the logic and added tests
Previously we refused to emit 'autoConvert_*' functions if any field was not
convertible. The way around this was to write manual Conversion functions, but
to do so safely you must handle every fields. Huge opportunity for errors.
This PR cleans up the filtering such that it only operates on types that should
be converted (remove a lot of code) and tracks when fields are skipped. In
that case, it emits an 'autoConvert' function but not a public 'Convert'
function. If there is no manual function, the compile will fail.
This also means that manual conversion functions can call autoConvert functions
and then "patch up" what they need.
Automatic merge from submit-queue
Make upload-to-gcs.sh use a different prefix for tests in other repos.
For kubernetes/test-infra#476.
Also, put the repo in the build metadata so Gubernator can link to the
right thing for postsubmit jobs.
For PR #$NUM in a given repo, the logs will go to these places:
kubernetes/kubernetes => /pr-logs/pull/$NUM
kubernetes/test-infra => /pr-logs/pull/test-infra/$NUM
google/cadvisor => /pr-logs/pull/google_cadvisor/$NUM
Tested with a manual harness. Note that this leaves the latest/indirect
untouched as well as postsubmit jobs-- *job names* are still unique, the
main issue was that PR numbers might collide. Disturbing as little
structure as possible reduces how many things will break.
Automatic merge from submit-queue
Fixed a bug that causes k8s to delete all healthmonitors on your OpenStack tenant
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**:
The OpenStack LBaaS v2 api does not support filtering health monitors by pool_id, so /lbaas/healthmonitors?pool_id=abc123 will always return all health monitors in your OpenStack tenant.
This presents a problem when, in the very next block of code, we loop over the list of monitorIDs and delete them one-by-one. This will delete all the health monitors in your tenant without warning.
Fortunately, we already got the healthmonitor IDs when we built the list of pools. Using those, we can delete only those healthmonitors associated with our pool(s).
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
The main issue here was the use of v2_monitors.List(lbaas.network, v2_monitors.ListOpts{PoolID: poolID}). This is trying to filter healthmonitors by pool_id, but that is not supported by the API. It creates a call like /lbaas/healthmonitors?pool_id=abc123. The API server ignores the pool_id parameter and returns a list of all healthmonitors (which k8s then tries to delete).
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
```
Automatic merge from submit-queue
Un-xmlWrap the Test function.
#33361 is pretty much useless.
We should probably take a look at better integrating the new JUnit results into the munger/testgrid/gubernator, but this should make things better for now.
Automatic merge from submit-queue
add port validate when --port is set or --expose=true
```shell
$ kubectl run nginx --image=nginx --port=88888 --expose=true
The Deployment "nginx" is invalid.
spec.template.spec.containers[0].ports[0].containerPort: Invalid value: 88888: must be between 1 and 65535, inclusive
$ kubectl run nginx --image=nginx --port=0 --expose=true
error: --port must be a positive integer when exposing a service
```
1. when port is greater than 65535, port is required between 1 and 65535 and deployment 'nginx' can not be created.
2. when port is less than 1, port is not validated and deployment 'nginx' can be created. But service will be created failed.
so i add this change:
when --port is set or --expose=true, validate port range so that error reported can be the same when port is greater than 65535 or less than 1.
And this can also find the port range error before creating the deployment other than during creating the deployment.
Automatic merge from submit-queue
Update kubectl create message when using --dry-run
`kubectl create <resource> <name> --dry-run` provides a misleading success
message.
When commands such as `kubectl new-app node` are run with a
`--dry-run` flag, they make this clear by appending a "(DRY RUN)"
string to the final output. `kubectl create <resource> <name> --dry-run`
does not do this, providing a potentially misleading output.
This patch appends a "(DRY RUN)" string to the end of a successful
message of `kubectl create` subcommands that support the `--dry-run` flag.
`kubectl create quota quota --dry-run`
```
resourcequota "quota" created
```
`kubectl create quota quota --dry-run`
```
resourcequota "quota" created (DRY RUN)
```
**Release note**:
```release-note
release-note-none
```
rename plugin/pkg/client/auth/plugins.go package name to auth
add the plugin import line in client-gen
update import_known_versions for release_1_5 clientset
change copy.sh
Automatic merge from submit-queue
Fix DaemonSet namespace handling for predicates
In order to determine whether a node should run its daemon pod,
DaemonController creates a dummy pod based on DaemonSet's template and
then uses scheduler predicates (currently GeneralPredicates) to test
whether such pod can be run by the node. The problem was that
DaemonController was not setting Namespace for the dummy pod. This was
not affecting currently used GeneralPredicates but this problem could
bite later when some namespace-dependent predicates are added to
GeneralPredicates or directly to DaemonController's node checks
(e.g. pod affinity).
Stumbled upon it while working on e2e test for #31136
Automatic merge from submit-queue
Pass SelectionPredicate instead of Filter to storage layer
Depends on #31189 (first commit).
ref: #29888
What?
This PR removes the filtering logic and passes SelectionPredicate to storage layer.
Why?
Filter doesn't provide enough information of and isn't the right abstraction for indexing. We need to pass in SelectionPredicate instead.
Automatic merge from submit-queue
Default HTTP2 on, post fixes from #29001
This reverts commit 8cb799c789.
Enables HTTP2 on by default post fixes from https://github.com/kubernetes/kubernetes/issues/29001 for 1.5
NOTE: We are nearing lb connection limits at current thresholds.
/cc @bradfitz @lavalamp @smarterclayton
For kubernetes/test-infra#476.
Also, put the repo in the build metadata so Gubernator can link to the
right thing for postsubmit jobs.
For PR #$NUM in a given repo, the logs will go to these places:
kubernetes/kubernetes => /pr-logs/pull/$NUM
kubernetes/test-infra => /pr-logs/pull/test-infra/$NUM
google/cadvisor => /pr-logs/pull/google_cadvisor/$NUM
Tested with a manual harness. Note that this leaves the latest/indirect
untouched as well as postsubmit jobs-- *job names* are still unique, the
main issue was that PR numbers might collide. Disturbing as little
structure as possible reduces how many things will break.
Marek Grabowski