Automatic merge from submit-queue
Export KUBE_VERSION for consumption by get-kube-binaries.sh
/assign @ixdy
https://github.com/kubernetes/kubernetes/pull/43331 will not have any effect until we update get-kube.sh to export KUBE_VERSION
Automatic merge from submit-queue (batch tested with PRs 43331, 43336)
Do not override KUBERNETES_RELEASE if already set
/assign @ixdy
If the user calls `get-kube.sh` with `KUBERNETES_RELEASE` and `KUBERNETES_RELEASE_URL` already set, continue to use these values.
Automatic merge from submit-queue
Update Dashboard version to v1.6.0
**What this PR does / why we need it**:
Updates dashboard addon to latest version. Changelog can be found [here](https://github.com/kubernetes/dashboard/releases/tag/v1.6.0).
**Release note**:
```release-note
Update dashboard version to v1.6.0
```
Automatic merge from submit-queue (batch tested with PRs 43254, 43255, 43184, 42509)
Symlink cluster/gce/cos to cluster/gce/gci
Fixes: #43139
As I just unfortunately found out after spending an hour getting to the point where I could test this, upgrade.sh does not support upgrading nodes to local binaries. So someone will have to cut a release to test whether this change actually works.
Automatic merge from submit-queue (batch tested with PRs 43254, 43255, 43184, 42509)
Re-add kube_proxy to the abac file (Match what we had in 1.5).
**What this PR does / why we need it**:
Make the ABAC file match what it was in 1.5. GKE rewrites the ABAC file every time, so we were clobbering the kube_proxy entry that used to exist. This would have gone unnoticed, but a separate bug in GKE is causing the token file rewrites to fail on GKE (meaning group used in RBAC aren't there).
**Which issue this PR fixes**
fixes#42746
@liggitt @krousey
Automatic merge from submit-queue
Allow ABAC to be disabled easily on upgrades
**What this PR does / why we need it**:
Adds a local variable to the configure-helper script so that ABAC_AUTHZ_FILE can be set to a nonexistent file in kube-env to disable ABAC on a cluster that previously was using ABAC.
@liggitt @Q-Lee
Automatic merge from submit-queue
Update npd to the official v0.3.0 release.
Update npd to the official release v0.3.0.
This also fixes a npd bug https://github.com/kubernetes/node-problem-detector/pull/98.
@dchen1107 @kubernetes/node-problem-detector-reviewers
Automatic merge from submit-queue (batch tested with PRs 43177, 43202)
Rename default storageclasses
From UX perspective, 'default' is a bad name for the default storage class:
```
$ kubectl get storageclass
NAME TYPE
default (default) kubernetes.io/aws-ebs
```
This is sort of OK, it gets more confusing when user is not happy with the
preinstalled default storage class and creates its own and makes it default:
```
NAME TYPE
default kubernetes.io/aws-ebs
iops (default) kubernetes.io/aws-ebs
```
This PR uses name of the underlying storage as name of the default storage class:
```
NAME TYPE
gp2 (default) kubernetes.io/aws-ebs
```
On GCE (and many others):
```
NAME TYPE
standard (default) kubernetes.io/gce-pd
```
Detailed list of names of new default storage classes:
* AWS: `gp2`
* GCE: `standard` (from pd-standard)
* vSphere: `thin`
* Cinder does not have a default - it's up to OpenStack admin to set some default and it can change at any time, using `standard` as the class name.
* I was not able to find details about Azure, using `standard` too.
@justinsb @jingxu97 @kerneltime @colemickens, PTAL quickly so we can catch 1.6.
```release-note
NONE
```
For 1.6 release manager, this PR just renames objects in addon manager.
From UX perspective, 'default' is a bad name for the default storage class:
$ kubectl get storageclass
NAME TYPE
default (default) kubernetes.io/aws-ebs
This is sort of OK, it gets more confusing when user is not happy with the
preinstalled default storage class and creates its own and makes it default:
NAME TYPE
default kubernetes.io/aws-ebs
iops (default) kubernetes.io/aws-ebs
Automatic merge from submit-queue (batch tested with PRs 43106, 43110)
Bumped rescheduler version to 0.3.0
fix#32531https://github.com/kubernetes/contrib/pull/2474 needs to be merged first
cc @ethernetdan @marun @k82cn @aveshagarwal
Automatic merge from submit-queue (batch tested with PRs 43018, 42713, 42819)
Update startup scripts for kube-dns ConfigMap and ServiceAccount
Follow up PR of #42757. This PR changes all existing startup scripts to support default kube-dns ConfigMap and ServiceAccount.
@bowei
cc @liggitt
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 42802, 42927, 42669, 42988, 43012)
Update Cluster Autoscaler entrypoint
**What this PR does / why we need it**:
Update Cluster Autoscaler manifest file to use new shell wrapper instead of directly calling CA binary (the wrapper is already included in current CA image).
Add params to improve logging.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 42940, 42906, 42970, 42848)
Enable RollingUpdates for the fluentd daemonset addon
In anticipation of needing to rev fluentd-gcp image versions in patch releases, we should enable rolling update so the new versions get rolled out in a timely manner.
/cc @ixdy
Automatic merge from submit-queue (batch tested with PRs 41794, 42349, 42755, 42901, 42933)
[Federation][e2e] Add framework for upgrade test in federation
Adding framework for federation upgrade tests. please refer to #41791
cc @madhusudancs @nikhiljindal @kubernetes/sig-federation-pr-reviews
Automatic merge from submit-queue (batch tested with PRs 41830, 42630)
Arrange for elasticsearch to shutdown cleanly
Kubernetes initiates "graceful shutdown" by sending SIGTERM to pid 1, which
is exactly what elasticsearch is expecting (good!)
The way the existing startup scripts worked however, this signal arrived at
the shell wrapper, not elasticsearch, and the shell wrapper exited,
killing the container immediately (bad!)
Before this change:
```
1 ? Ss 0:00 /bin/sh -c /run.sh
6 ? S 0:00 /bin/bash /run.sh
13 ? S 0:00 \_ /bin/su -c /elasticsearch/bin/elasticsearch elasticsearch
14 ? Ss 0:00 \_ sh -c /elasticsearch/bin/elasticsearch
15 ? Sl 19:18 \_ /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java ... org.elasticsearch.bootstrap.Elasticsearch start
```
After this change:
```
1 ? Ssl 0:29 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java ... org.elasticsearch.bootstrap.Elasticsearch start
```
Automatic merge from submit-queue (batch tested with PRs 42877, 42853)
discriminate more when parsing kube-env :(
Exactly match the key. Right now CA_KEY matches ETCD_CA_KEY and we just pick the first because fml.
I HATE BASH
more fixes for kubelet rbac enablement upgrades.
Automatic merge from submit-queue (batch tested with PRs 42024, 42780, 42808, 42640)
Handle NPD during cluster upgrade.
Generate NPD token during upgrade.
I could not fully verify this change because of https://github.com/kubernetes/kubernetes/issues/42199. However, at least I tried upgrade master, and the corresponding environment variables are correctly generated.
```
...
ENABLE_NODE_PROBLEM_DETECTOR: 'standalone'
...
KUBELET_TOKEN: 'PKNgAaVXeL3VojND2s0KMleELjzGK0oW'
```
@maisem @dchen1107
Automatic merge from submit-queue (batch tested with PRs 42768, 42760, 42771, 42767)
Create EnsureExists class addons before Reconcile class addons
From #42757.
The addon-manager creates "Reconcile" class addons before creates "EnsureExists" class addons, which is not the best order. The "EnsureExists" class addons tend to be some default configurations like `default-storage-class` and `default kube-dns ConfigMap` (being added in #42757), and we would like to have these default configurations created before other addons are created.
@mikedanese @bowei
```release-note
NONE
```
Kubernetes Submit Queue