Automatic merge from submit-queue
Implement first version of indexing in cacher
This PR adds a first version of indexing in cacher.
It has a really significant impact on performance - __in empty 2000-node cluster, apiserver cpu usage drops by ~75%.__
Not for 1.3, but we need this soon after 1.3 is done.
@lavalamp @mqliang @davidopp @gmarek @kubernetes/sig-scalability
Automatic merge from submit-queue
Don't check in generated code, part 1
This PR is a first step towards not commiting generated files, which make up a huge portion of "needs rebase" errors. It only handles deep-copy generation and conversion generation. More will come later, if the model passes muster.
This is a mega-PR. Sorry. It was necessary to do 2 generators to convince myself it worked, and the evolution of the techniques warranted multiple commits. I have tried to keep the commits self-contained and reviewable.
A quick summary of the major points in the series:
- Start by making everything call `make` rather than the various hack/* scripts. The hack scripts still exist, but give a warning to use make instead, and then they do what they did before, so it should be compatible.
- Move deepcopy generation into the Makefile, so it is done automatically
- Move conversion generation into the Makefile, so it is done automatically
- Optimize makefile for faster rebuilds
- Make CI pass
Net result: if you run "make", it will rebuild any deepcopy or conversion files it needs. It takes a few seconds to figure out there's nothing to do, but it should be a net savings. There is more to do, and we can follow this up with other generators being converted, some of which are MUCH slower than these 2.
@wojtek-t @lavalamp @smarterclayton @bgrant0607 @mikedanese @madhusudancs
Automatic merge from submit-queue
check PodAntiAffinity even when pod has no AntiAffinity constraints
Hard inter-pod anti-affinity is designed to be symmetric, in other word, the algorithm should check if AntiAffinity constraints from both the pod to be scheduled and pods already running are satisfied during scheduling.
Current implementation skipped the checking when pod has no AntiAffinity constraints, ignored the anti-affinity constraints of existing pods , which is not correct. This PR is to fix it.
This is sort of gravy. There's no good way to do this for arbitrary
directories because of the way Make works (we'd have to declare them all
PHONY).
If people hate using make directly we could wrap it in another level of
indirection, but I didn't yet. E.g.
build/make-all.sh -> make -> make-rules/all.sh -> go install
This would insulate people from 'make' atthe cost of custom build tools. I
prefer being able to say 'make' and having it just work.
This mostly takes the previously checked in files and removes them, and moves
the generation to be on-demand instead of manual. Manually verified no change
in generated output.
This allows us to start building real dependencies into Makefile.
Leave old hack/* scripts in place but advise to use 'make'. There are a few
rules that call things like 'go run' or 'build/*' that I left as-is for now.
Automatic merge from submit-queue
Deepcopy: avoid struct copies and reflection Call
- make signature of generated deepcopy methods symmetric with `in *type, out *type`, avoiding copies of big structs on the stack
- switch to `in interface{}, out interface{}` which allows us to call them with without `reflect.Call`
The first change reduces runtime of BenchmarkPodCopy-4 from `> 3500ns` to around `2300ns`.
The second change reduces runtime to around `1900ns`.
Automatic merge from submit-queue
controller: wait for synced old replica sets on Recreate
Partially fixes https://github.com/kubernetes/kubernetes/issues/27362
Any other work on it should be handled in the replica set level (and/or kubelet if it's required)
@kubernetes/deployment PTAL
Automatic merge from submit-queue
Fix some errors in the e2e doc and make it more consistent
- "--tests" is not a valid argument
- use --ginko-skip to exclude (not focus)
- add "--check_node_count=false" to test against local cluster
- always use "--" for long args (there was a mix of "-" and "--" and it was a bit confusing)
Automatic merge from submit-queue
node_e2e: configure gce images via config file
This file provides the abiliy to specify image project on a per-image
basis and is more extensible for future changes.
For backwards compatibility and local development convenience, the
existing flags are kept and should work.
The eventual goal is to be able to source some images, such as the CoreOS one (and possibly containervm one) from their upstream projects and do all new configuration changes via a cloud-init key added to the image config.
This PR is a first step there. A following PR will add a config key of `cloud-init` or `user-data` and migrate the CoreOS e2e to use that.
This motivation is driven by the fact that currently the changes needed for the CoreOS image can all be done quickly in cloud-init and this will make it much easier to update the image and ensure that changes are applied consistently.
/cc @timstclair @vishh @yifan-gu @pwittrock
Automatic merge from submit-queue
rbac authorizer: cleanups to rule evaluation for non-resource URLs
An few oversights in the RBAC authorizer. Fixes#28291 and permits non-resource URLs to use stars in the path. E.g. ("/apis/*").
cc @liggitt @kubernetes/sig-auth
Automatic merge from submit-queue
Node E2E: Prep for continuous Docker validation node e2e test
Based on https://github.com/kubernetes/kubernetes/pull/28516, for https://github.com/kubernetes/kubernetes/issues/25215.
https://github.com/kubernetes/kubernetes/pull/26813 added support to run e2e test on gci preview image and newest docker version.
This PR added the same support to node e2e test.
The main dependencies of node e2e test are `docker`, `kubelet`, `etcd` and `apiserver`.
Currently, node e2e test builds `kubelet` and `apiserver` locally, and copies them into `/tmp` directory in VM instance. GCI also has built-in `docker`. So the only dependency missing is `etcd`.
This PR injected a simple cloud-init script when creating instance to install `etcd` during node startup.
@andyzheng0831 for the cloud init script.
@wonderfly for the gci instance setup.
@pwittrock for the node e2e test change.
/cc @dchen1107
[]()
Automatic merge from submit-queue
kubectl: make --container-port actually work for expose
Even if it was recently deprecated, it should work as expected.
@kubernetes/kubectl
Automatic merge from submit-queue
Controllers doesn't take any actions when being deleted.
I started doing it for other controllers but it's not always clear to me how it should work. I'll be adding other ones as separate commits to this PR.
cc @caesarxuchao @lavalamp
Filip Grzadkowski