Automatic merge from submit-queue
switch webhook to clientgo
Switches the delegating authentication and authorization webhooks to use client-go. The ripples go out aways, but I kept it as contained as I could.
@sttts
Automatic merge from submit-queue
Fix fluentd-gcp image config by avoiding processing its own logs
Section, discarding all records generated by fluentd itself from the pipeline was deleted by mistake in https://github.com/kubernetes/kubernetes/pull/37681. Returning it back and expanding the comment.
Not bumping image version for the later cumulative update.
CC @piosz
Added [Volume] tag per issue #35542; added [Flaky] to GCE tests until confirmed fixed. Added [Serial] to NFS to address possible cross test contamination.
Automatic merge from submit-queue (batch tested with PRs 37845, 39439, 39514, 39457, 38866)
Add software versions to "kubectl get nodes -o wide" output.
Added "OS-IMAGE" and "KERNEL-VERSION" two columns to
"kubectl get nodes -o wide" output. This will help to provide
more information for user to locate or debug issues. See discussion
in ticket #25579
Automatic merge from submit-queue (batch tested with PRs 37845, 39439, 39514, 39457, 38866)
Log a warning message when failed to find kind for resource in garbage collector controller
at this time, I do not think thirdparty api group version resources should be taken care by garbage collector controllers, and this line of call will fail actually: https://github.com/kubernetes/kubernetes/blob/master/pkg/controller/garbagecollector/garbagecollector.go#L565, and as a result, the garbagecollector controller failed to start.
Automatic merge from submit-queue (batch tested with PRs 37845, 39439, 39514, 39457, 38866)
Move watch/versioned to pkg/apis/meta/v1/watch.go
Watch is a part of the server API
Automatic merge from submit-queue
Azure disk volume fixes
fix#36571: Do not report error when deleting an attached volume
fix#38362: create blob vhds container if not exists
Automatic merge from submit-queue (batch tested with PRs 39394, 38270, 39473, 39516, 36243)
Modified run-gcloud-compute-with-retries and used it wherever possible in kubemark
This PR fixes#39335
Simple changes fixing flaky issues within kubemark.
@kubernetes/sig-scalability-misc @wojtek-t @gmarek
Automatic merge from submit-queue (batch tested with PRs 39394, 38270, 39473, 39516, 36243)
Improve an error message when privileged containers are disallowed on the cluster
**What this PR does / why we need it**:
At present when user creates privileged pod and creation of privileged containers disallowed globally by a system administrator (kubelet and api-server were running with `--allow-privileged=false`), user will get the following error message:
```console
$ kubectl create -f nginx.pod
The Pod "nginx" is invalid: spec.containers[0].securityContext.privileged: Forbidden: disallowed by policy
```
"Disallowed by policy" may give a wrong assumption to a user that creation of privileged containers disallowed by [`PodSecurityPolicy`](http://kubernetes.io/docs/user-guide/pod-security-policy/) while it's not.
This commit improves error message and tries to point user to the right direction:
```console
$ kubectl create -f nginx.pod
The Pod "nginx" is invalid: spec.containers[0].securityContext.privileged: Forbidden: privileged containers are disallowed on this cluster by a system administrator
```
**Release note**:
```release-note
NONE
```
PTAL @pweil-
Automatic merge from submit-queue (batch tested with PRs 39394, 38270, 39473, 39516, 36243)
Fix wrong skipf parameter
**How to reproduce**
When run e2e test, it reports `%!!(MISSING)d(MISSING)`:
```
STEP: Checking for multi-zone cluster. Zone count = 1
Dec 6 14:16:43.272: INFO: Zone count is %!!(MISSING)d(MISSING), only run for multi-zone clusters, skipping test
[AfterEach] [k8s.io] Multi-AZ Clusters
```
We need to pass a string parameter to `SkipUnlessAtLeast`
Kubernetes Submit Queue