Automatic merge from submit-queue (batch tested with PRs 39475, 38666, 39327, 38396, 39613)
Add checking the nil value
**What this PR does / why we need it**:
Add checking the nil value.
Thanks.
**Special notes for your reviewer**:
Automatic merge from submit-queue (batch tested with PRs 37708, 34410)
Add restclientconfig helper fn for parsing timeout
Related downstream PR: https://github.com/openshift/origin/pull/12062 (example of use-case for this patch)
**Release note**:
```release-note
release-note-none
```
This patch adds a package `pkg/client/unversioned/clientcmd/util` and
defines a `ParseTimeout` helper function for parsing time from a
user-defined string. This allows code re-use in other packages that
require the creation of a new restclient (and therefore must set the
`--global-timeout` flag value manually).
@fabianofranz @kubernetes/cli-review
Automatic merge from submit-queue (batch tested with PRs 38154, 38502)
Rename "release_1_5" clientset to just "clientset"
We used to keep multiple releases in the main repo. Now that [client-go](https://github.com/kubernetes/client-go) does the versioning, there is no need to keep releases in the main repo. This PR renames the "release_1_5" clientset to just "clientset", clientset development will be done in this directory.
@kubernetes/sig-api-machinery @deads2k
```release-note
The main repository does not keep multiple releases of clientsets anymore. Please find previous releases at https://github.com/kubernetes/client-go
```
Automatic merge from submit-queue
fix connection upgrades through kuberentes-discovery
The initial upgrade through the proxy doesn't use the passed transport to handle the communication to the remote side. Since we need auth proxy headers, this broke the upgrade for exec.
This sets those headers once if its an upgrade request (the transport stomps them if called anyway, so it won't shadow.).
@sttts I think this is the last required piece. Then we start wiring in for e2e.
Automatic merge from submit-queue
Fake clientset propagates namespace to objects on create/update
**What this PR does / why we need it**:
Unlike the real Clientset, the fake Clientset requires creates and updates of namespaced objects to have the namespace specified in the target runtime object metadata. This difference forces API clients using the fake Clientset for test to propagate the namespaces to the runtime objects in the production code. This propagation is unnecessary and should be handled by the fake implementation.
**Which issue this PR fixes**: fixeskubernetes/client-go#48
**Special notes for your reviewer**:
**Release note**:
NONE
Automatic merge from submit-queue (batch tested with PRs 38597, 38570)
Logging request / response body should not allocate
Putting string(data) in the critical path causes an allocation which can
be very large, and happens regardless of whether logging is enabled.
Also, use the more sophisticated logging of body output that avoids
causing quoting of JSON output (current behavior is "{\"key\":...}" and
should be {"key":...} for readability).
@wojtek-t reduces large heap allocations on updates
Putting string(data) in the critical path causes an allocation which can
be very large, and happens regardless of whether logging is enabled.
Also, use the more sophisticated logging of body output that avoids
causing quoting of JSON output (current behavior is "{\"key\":...}" and
should be {"key":...} for readability).
If there is any error in the initial parsing then we should just
try adding the scheme.
url.Parse(base) has changed in 1.8. Please see the following change
c5ccbdd22bFixes#38380
Automatic merge from submit-queue (batch tested with PRs 36071, 32752, 37998, 38350, 38401)
Add test for concurrent evictions requests
This is a followup PR after #37668.
Add a test case to make sure concurrent eviction requests can be handled.
@davidopp @lavalamp
Automatic merge from submit-queue (batch tested with PRs 37701, 36702, 37145, 37424, 38261)
Limit unbound label cardinality on request errors
This converts all request errors to the string `<error>` instead of
passing the full error string. Error strings can have arbitrary values
and thus have a cardinality that is not suitable for a metric
use case.
Inspecting individual errors is a logging use case which can be handled separately by registering a client error handler.
@kubernetes/sig-instrumentation
Automatic merge from submit-queue (batch tested with PRs 35884, 37305, 37369, 37429, 35679)
fix repeat request for auth
reference to #27851
When use basic-auth/RBAC, don't set the users in .kube/config
```
# cat ~/.kube/config
apiVersion: v1
clusters:
- cluster:
insecure-skip-tls-verify: true
server: https://127.0.0.1:6443
name: ubuntu
contexts:
- context:
cluster: ubuntu
namespace: default
user: test
name: ubuntu
current-context: ubuntu
kind: Config
preferences: {}
users: []
```
kubectl request for username/password time after time
```
$ kubectl get nodes
Please enter Username: admin
Please enter Password: ******
Please enter Username: admin
Please enter Password: ******
```
RESTMapping method can now rely on RESTMappings by passing versions parameter and taking the first match found by RESTMappings method. In addition
a UT that test the new method has been added.
The only change in logic to what was before is when calling RESTMapping
we search all defaultGroupVersion as opposed to just one when no mapping was found for provided versions.
Automatic merge from submit-queue
Fix resync goroutine leak in ListAndWatch
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**:
This PR fixes resync goroutine leak in ListAndWatch function
**Which issue this PR fixes** _(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)_: fixes #
fixes#35015
**Special notes for your reviewer**:
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
``` release-note
```
Previously, we had no way to stop resync goroutine when ListAndWatch
returned. goroutine leaked every time ListAndWatch returned, for
example, with error. This commit adds another channel to signal that
resync goroutine should exit when ListAndWatch returns.
Automatic merge from submit-queue
Add error handling for store operations in cache/reflector
In my opinion the errors there should be returned, but to have minimal impact I just added runtime error handler.
Let me know what you think.
Automatic merge from submit-queue (batch tested with PRs 35300, 36709, 37643, 37813, 37697)
Add generated informers
Add informer-gen and the informers it generates. We'll do follow-up PRs to convert everything currently using the hand-written informers to the generated ones.
TODO:
- [x] switch to `GroupVersionResource`
- [x] finish godoc
@deads2k @caesarxuchao @sttts @liggitt
Automatic merge from submit-queue (batch tested with PRs 36263, 36755, 37357, 37222, 37524)
add other impersonation fields to transport
Adds the group and extra fields to the impersation options in a rest and transport config.
@kubernetes/sig-auth
This patch adds a package `pkg/client/unversioned/clientcmd/util` and
defines a `ParseTimeout` helper function for parsing time from a
user-defined string. This allows code re-use in other packages that
require the creation of a new restclient (and therefore must set the
`--global-timeout` flag value manually).
Previously, we had no way to stop resync goroutine when ListAndWatch
returned. goroutine leaked every time ListAndWatch returned, for
example, with error. This commit adds another channel to signal that
resync goroutine should exit when ListAndWatch returns.
Automatic merge from submit-queue
Read all resources for finalization and gc, not just preferred
Fixes#31481.
Currently when starting namespace controller or garbage collector we only gather preferred version resources, which in case of multiple versions (you guessed it `batch/v2alpha1.CronJobs` again) isn't sufficient. This PR adds additional method which actually retrieves all resources from all versions and works on them.
@kubernetes/sig-api-machinery ptal
This converts all request errors to the string `<error>` instead of
passing the full error string. Error strings can have arbitrary values
and thus have a cardinality that is not suitable for a metric
use case.
Automatic merge from submit-queue
Fix strategic patch for list of primitive type with merge sementic
Fix strategic patch for list of primitive type when the patch strategy is `merge`.
Before: we cannot replace or delete an item in a list of primitive, e.g. string, when the patch strategy is `merge`. It will always append new items to the list.
This patch will generate a map to update the list of primitive type.
The server with this patch will accept either a new patch or an old patch.
The client will found out the APIserver version before generate the patch.
Fixes#35163, #32398
cc: @pwittrock @fabianofranz
``` release-note
Fix strategic patch for list of primitive type when patch strategy is `merge` to remove deleted objects.
```
Automatic merge from submit-queue
Expand documentation and TODOs in a few packages
I was reading through unfamiliar code and mostly added TODOs and expanded and clarified documentations.
There are a couple of things that are real code changes:
- Removed some unused constants
- Changed `workqueue.Parallize` to clamp the number of worker goroutines to the number of items to be processed.
- Added another unit test to `workqueue.queue`. I thought I found a bug (I was wrong) and wrote a unit test to isolate. I figure the extra test is worth keeping.
Automatic merge from submit-queue
Fix kubectl drain for statefulset
Support deleting pets for `kubectl drain`.
Use evict to delete pods.
Fixes: #33727
```release-note
Adds support for StatefulSets in kubectl drain.
Switches to use the eviction sub-resource instead of deletion in kubectl drain, if server supports.
```
@foxish @caesarxuchao
This allows us to interrupt/kill the executed command if it exceeds the
timeout (not implemented by this commit).
Set timeout in Exec probes. HTTPGet and TCPSocket probes respect the
timeout, while Exec probes used to ignore it.
Add e2e test for exec probe with timeout. However, the test is skipped
while the default exec handler doesn't support timeouts.
Automatic merge from submit-queue
Add caching for discovery info with invalidation on cache-miss
TODO:
- [x] write tests for `CachedDiscoveryClient`
- [x] write tests for `DeferredDiscoveryRESTMapper` on cache-miss
- [x] find better way/structure to get rid of `invalidateCh` in c06ba3175b
Automatic merge from submit-queue
Add missing expansion files to versioned clientset
I copied the expansion functions that only existed in the internalclientset to release_1_5.
Most changes are mechanical. This is needed for migrating k8s to use versioned clientset, so I add the 1.5 milestone.
Automatic merge from submit-queue
Switch DisruptionBudget api from bool to int allowed disruptions [only v1beta1]
Continuation of #34546. Apparently it there is some bug that prevents us from having 2 different incompatibile version of API in integration tests. So in this PR v1alpha1 is removed until testing infrastructure is fixed.
Base PR comment:
Currently there is a single bool in disruption budget api that denotes whether 1 pod can be deleted or not. Every time a pod is deleted the apiserver filps the bool to false and the disruptionbudget controller sets it to true if more deletions are allowed. This works but it is far from optimal when the user wants to delete multiple pods (for example, by decreasing replicaset size from 10000 to 8000).
This PR adds a new api version v1beta1 and changes bool to int which contains a number of pods that can be deleted at once.
cc: @davidopp @mml @wojtek-t @fgrzadkowski @caesarxuchao
Automatic merge from submit-queue
always allow decoding of status when returned from the API
`unversioned.Status` should be able to come back from any API version and still be properly decoded. This doesn't happen today by default.
@smarterclayton Our projectrequest endpoint returns a `Status` object on a 200 return from list to indicate everything went well. This (or something like it) is needed to make the API accepted by `kubectl`. Alternatively, we change the API to return a different (still not a `Project`) value from list, which still feels wrong.
Automatic merge from submit-queue
clean up client version negotiation to handle no legacy API
Version negotiation fails if the legacy API endpoint isn't available.
This tightens up the negotiation interface based to more clearly express what each stage is doing and what the constraints on negotiation are. This is needed to speak to generic API servers.
@kubernetes/kubectl
Automatic merge from submit-queue
Avoid double decoding all client responses
Fixes#35982
The linked issue uncovered that we were always double decoding the response in restclient for get, list, update, create, and patch. That's fairly expensive, most especially for list. This PR refines the behavior of the rest client to avoid double decoding, and does so while minimizing the changes to rest client consumers.
restclient must be able to deal with multiple types of servers. Alter the behavior of restclient.Result#Raw() to not process the body on error, but instead to return the generic error (which still matches the error checking cases in api/error like IsBadRequest). If the caller uses
.Error(), .Into(), or .Get(), try decoding the body as a Status.
For older servers, continue to default apiVersion "v1" when calling restclient.Result#Error(). This was only for 1.1 servers and the extensions group, which we have since fixed.
This removes a double decode of very large objects (like LIST) - we were trying to DecodeInto status, but that ends up decoding the entire result and then throwing it away. This makes the decode behavior specific to the type of action the user wants.
```release-note
The error handling behavior of `pkg/client/restclient.Result` has changed. Calls to `Result.Raw()` will no longer parse the body, although they will still return errors that react to `pkg/api/errors.Is*()` as in previous releases. Callers of `Get()` and `Into()` will continue to receive errors that are parsed from the body if the kind and apiVersion of the body match the `Status` object.
This more closely aligns rest client as a generic RESTful client, while preserving the special Kube API extended error handling for the `Get` and `Into` methods (which most Kube clients use).
```
restclient must be able to deal with multiple types of servers. Alter
the behavior of restclient.Result#Raw() to not process the body on
error, but instead to return the generic error (which still matches the
error checking cases in api/error like IsBadRequest). If the caller uses
.Error(), .Into(), or .Get(), try decoding the body as a Status.
For older servers, continue to default apiVersion "v1" when calling
restclient.Result#Error(). This was only for 1.1 servers and the
extensions group, which we have since fixed.
This removes a double decode of very large objects (like LIST).
Automatic merge from submit-queue
Add tooling to generate listers
Add lister-gen tool to auto-generate listers. So far this PR only demonstrates replacing the manually-written `StoreToLimitRangeLister` with the generated `LimitRangeLister`, as it's a small and easy swap.
cc @deads2k @liggitt @sttts @nikhiljindal @lavalamp @smarterclayton @derekwaynecarr @kubernetes/sig-api-machinery @kubernetes/rh-cluster-infra
Automatic merge from submit-queue
Verify and update client-go staging area for every PR
We need to keep the staging area up-to-date to prevent PRs from breaking client-go.
It's marked as "WIP" because we need to decide the [versioning strategy](https://github.com/kubernetes/client-go/issues/9) for client-go first. This PR contains breaking changes for client-go.
This is blocking #29934 and potentially #34441
cc @kubernetes/sig-api-machinery
Automatic merge from submit-queue
convert SA controller to shared informers
convert the SA controller to shared informer + workqueue.
I think one of @derekwaynecarr @ncdc or @liggitt
Alter how runtime.SerializeInfo is represented to simplify negotiation
and reduce the need to allocate during negotiation. Simplify the dynamic
client's logic around negotiating type. Add more tests for media type
handling where necessary.
Automatic merge from submit-queue
remove the non-generated client
Removes the non-generated client from kube. The package has a few methods left, but nothing that needs updating when adding new groups.
@ingvagabund
Automatic merge from submit-queue
Create restclient interface
Refactoring of code to allow replace *restclient.RESTClient with any RESTClient implementation that implements restclient.RESTClientInterface interface.
Automatic merge from submit-queue
Add an informer for StorageClass
Add an informer for `StorageClass` for later consumption in quota.
/cc @eparis @deads2k @erinboyd
Automatic merge from submit-queue
PVC informer lister supports listing
This will be used in follow-on PRs for quota evaluation backed by informers for pvcs.
/cc @deads2k @eparis @kubernetes/sig-storage
Most normal codec use should perform defaulting. DirectCodecs should not
perform defaulting. Update the defaulting_test to fuzz the list of known
defaulters. Use the new versioning.NewDefaultingCodec() method.
Automatic merge from submit-queue
add optional mutation checks for shared informer cache
We need to make sure that no one is mutating caches if they're using a shared informer. It is important that whatever is tracking those changes gets the object *before* anyone else possibly could.
This adds the ability to track the original objects in the cache and their current values. Go doesn't have an exit hook or a way to say "wait for non-daemon go-funcs to complete before exit", so this runs a gofunc on a loop that can panic the entire process. It's gated behind an env var.
@derekwaynecarr did I get the right spots to make sure that e2e runs with this flag?
@smarterclayton @kubernetes/rh-cluster-infra
Automatic merge from submit-queue
Fix lint error in remotecommand.go
Before:
```
pkg/client/unversioned/remotecommand/remotecommand.go:101:9: should omit type http.RoundTripper from declaration of var rt; it will be inferred from the right-hand side
Please fix the above errors. You can test via "golint" and commit the result.
```
Automatic merge from submit-queue
+optional tag for OpenAPI spec
OpenAPI rely on "omitempty" json tag to determine if a field is optional or not. This change will add "+optional" tag to all fields with "omitempty" json tag and support the tag in OpenAPI spec generator.
Before:
pkg/client/unversioned/remotecommand/remotecommand.go:101:9: should omit type http.RoundTripper from declaration of var rt; it will be inferred from the right-hand side
Please fix the above errors. You can test via "golint" and commit the result.
Automatic merge from submit-queue
Add global timeout flag
**Release note**:
```release-note
Add a new global option "--request-timeout" to the `kubectl` client
```
UPSTREAM: https://github.com/kubernetes/client-go/pull/10
This patch adds a global timeout flag (viewable with `kubectl -h`) with
a default value of `0s` (meaning no timeout).
The timeout value is added to the default http client, so that zero
values and default behavior are enforced by the client.
Adding a global timeout ensures that user-made scripts won't hang for an
indefinite amount of time while performing remote calls (right now, remote
calls are re-tried up to 10 times when each attempt fails, however, there is
no option to set a timeout in order to prevent any of these 10 attempts from
hanging indefinitely).
**Example**
```
$ kubectl get pods # no timeout flag set - default to 0s (which means no
timeout)
NAME READY STATUS RESTARTS AGE
docker-registry-1-h7etw 1/1 Running 1 2h
router-1-uv0f9 1/1 Running 1 2h
$ kubectl get pods --request-timeout=0 # zero means no timeout no timeout flag set
NAME READY STATUS RESTARTS AGE
docker-registry-1-h7etw 1/1 Running 1 2h
router-1-uv0f9 1/1 Running 1 2h
$kubectl get pods --request-timeout=1ms
Unable to connect to the server: net/http: request canceled while
waiting for connection (Client.Timeout exceeded while awaiting headers)
```
This patch adds a global timeout flag (viewable with `kubectl -h`) with
a default value of `0s` (meaning no timeout).
The timeout value is added to the default http client, so that zero
values and default behavior are enforced by the client.
**Example**
```
$ kubectl get pods # no timeout flag set - default to 0s (which means no
timeout)
NAME READY STATUS RESTARTS AGE
docker-registry-1-h7etw 1/1 Running 1 2h
router-1-uv0f9 1/1 Running 1 2h
$ kubectl get pods --timeout=0 # zero means no timeout no timeout flag set
NAME READY STATUS RESTARTS AGE
docker-registry-1-h7etw 1/1 Running 1 2h
router-1-uv0f9 1/1 Running 1 2h
$kubectl get pods --timeout=1ms
Unable to connect to the server: net/http: request canceled while
waiting for connection (Client.Timeout exceeded while awaiting headers)
```
Automatic merge from submit-queue
Discovery client retry when failed to discovery resrouces
Fix#32308
`ServerPreferredNamespacedResources()` fails if in the middle of its execution, the TPR e2e tests change the supported resources on the API server. This PR let the e2e test framework retry `ServerPreferredNamespacedResources()`.
cc @lavalamp
Automatic merge from submit-queue
Ignore troublesome paths that cause coverage to fail
**What this PR does / why we need it**:
`KUBE_COVER=y make check` currently fails, this patch fixes it.
**Which issue this PR fixes**
fixes#31691
**Special notes for your reviewer**:
None
**Release note**:
```release-note
NONE
```
This avoids the whole command failing because of errors like the following:
```
# cover k8s.io/kubernetes/pkg/client/restclient
cover: internal error: block 268 overlaps block 270
```
Automatic merge from submit-queue
Update client config invalid option errors to be more specific
This patch adds better error handling for cases where a global option (such as --context or --cluster) causes an invalid config to be returned.
```release-note
release-note-none
```
This patch provides a more relevant error message when a client
configuration option is passed with an invalid or non-existent value.
`$ kubectl get pods --cluster="non-existent"`
```
error: No configuration file found, please login or point to an existing
file
```
`$ kubectl get pods --cluster="non-existent"`
```
error: cluster "non-existent" does not exist
```
Automatic merge from submit-queue
update deployment and replicaset listers
Updates the deployment lister to avoid copies and updates the deployment controller to use shared informers.
Pushing WIP to see which tests are broken.
Automatic merge from submit-queue
DeltaFIFO should not report HasSynced until deletes are reported
Deletions identified by knownObjects on the initial sync replace
(immediately after the List from a reflector) should be considered part
of the initial sync since we have the information available at the time
we do the deletion.
An error during Replace() can result in Populated not being set, but it
was incorrect before (population would be wrong) and queueActionLocked
does not error except on "my cache is broken because I gave an incorrect
keyFunc".
@lavalamp @deads2k hit this while trying to use DeltaFIFO to implement an "external" controller (one that uses the knownObjects as provided by a call to a remote system of record).
Not 1.4
Automatic merge from submit-queue
Run hack/update-codegen.sh in release-1.4 for generating an updated 1.4 clientset
@caesarxuchao doing steps 1 and 2 as described here https://github.com/kubernetes/kubernetes/pull/33851#issuecomment-250851272
adds apps, authentication, certificates, rbac, and storage.
The reason there are substantial deletions (aside from the oneliner "this package is generated by client-gen with arguments...") is because PR https://github.com/kubernetes/kubernetes/pull/32407 added a resource to the 1.4 clientset even though the resource is not present in 1.4 and the PR is targeted to 1.5. So this corrects that, as a bonus.
Automatic merge from submit-queue
Update federation controllers to use release 1.5 clientset
This PR is based on #32243, we won't merge it until next week, to make cherry-picks easier.
Deletions identified by knownObjects on the initial sync replace
(immediately after the List from a reflector) should be considered part
of the initial sync since we have the information available at the time
we do the deletion.
An error during Replace() can result in Populated not being set, but it
was incorrect before (population would be wrong) and queueActionLocked
does not error except on "my cache is broken because I gave an incorrect
keyFunc".
Automatic merge from submit-queue
Copy auth plugin to client-go repo
client-go doesn't copy the [auth plugin](https://github.com/kubernetes/kubernetes/blob/master/plugin/pkg/client/auth/plugins.go). This causes user cannot access cluster run by GKE. User will see error "No Auth Provider found for name gcp".
This PR fixes this issue. It's marked as WIP because I'll need to rebase after #32906 gets merged. Also, the fix needs to be cherry-picked into 1.4 branch to update client-go/1.4.
rename plugin/pkg/client/auth/plugins.go package name to auth
add the plugin import line in client-gen
update import_known_versions for release_1_5 clientset
change copy.sh
Automatic merge from submit-queue
simplify RC listers
Make the RC and SVC listers use the common list functions that more closely match client APIs, are consistent with other listers, and avoid unnecessary copies.
Automatic merge from submit-queue
Allow garbage collection to work against different API prefixes
The GC needs to build clients based only on Resource or Kind. Hoist the
restmapper out of the controller and the clientpool, support a new
ClientForGroupVersionKind and ClientForGroupVersionResource, and use the
appropriate one in both places.
Allows OpenShift to use the GC
Automatic merge from submit-queue
unify available api group versions in our scripts
There are currently many parallel lists of available group versions with slightly different syntaxes in each one. This collapses them into a single list for us to maintain.
Also caught spots where the lists didn't match before.
@sttts @ncdc
Automatic merge from submit-queue
Staging 1.5 client
Created the 1.5 folder and remove the 1.4 folder in the staging area in the master branch.
Content of kubernetes/client-go/1.4 will be pulled from the kubernetes/kubernetes 1.4 branch (https://github.com/kubernetes/contrib/pull/1719)
The GC needs to build clients based only on Resource or Kind. Hoist the
restmapper out of the controller and the clientpool, support a new
ClientForGroupVersionKind and ClientForGroupVersionResource, and use the
appropriate one in both places.
Automatic merge from submit-queue
Refactor cert utils into one pkg, add funcs from bootkube for kubeadm to use
**What this PR does / why we need it**:
We have ended-up with rather incomplete and fragmented collection of utils for handling certificates. It may be worse to consider using `cfssl` for doing all of these things, but for now there is some functionality that we need in `kubeadm` that we can borrow from bootkube. It makes sense to move the utils from bookube into core, as discussed in #31221.
**Special notes for your reviewer**: I've taken the opportunity to review names of existing funcs and tried to make some improvements in that area (with help from @peterbourgon).
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
simplify RC and SVC listers
Make the RC and SVC listers use the common list functions that more closely match client APIs, are consistent with other listers, and avoid unnecessary copies.
This commit moves away from using a global variable for default
configuration checking, and instead exposes a method on LoadingRules to
determine whether a particular restclient.Config should be considered
"default". This allows kubectl to provide its own defaults (the same
as before, KUBERNETES_MASTER and the static localhost:8080 values) while
allowing other clients to avoid defining them.
In-cluster config defaulting is now easier to read.
Automatic merge from submit-queue
Add storage api group to hack/update-codegen.sh
Add it to the script then run it in the second commit. 1.4 needs the same change, I'll do it in my other PR.
Automatic merge from submit-queue
Add godoc on using FakeClient with subresources
Add a little godoc on using FakeClient with subresources, hoping to prevent future occurences of #32127.
Automatic merge from submit-queue
fix a spell mistake
**What this PR does / why we need it**:
fixed a spell mistake
**Which issue this PR fixes** :
**Special notes for your reviewer**:
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
```
Automatic merge from submit-queue
Check init containers in PodContainerRunning
Sometimes when an init container runs and terminates quickly, PodContainerRunning can go into a
state where the pod indicates it's still running, but the container is already terminated. Handle
that condition by returning ErrContainerTerminated when it happens.
See also #29952
@smarterclayton @fabianofranz
Automatic merge from submit-queue
Switch ScheduledJob controller to use clientset
**What this PR does / why we need it**:
This is part of #25442. I've applied here the same fix I've applied in the manual client in #29187, see the 1st commit for that (@caesarxuchao we've talked about it in #29856).
@deads2k as promised
@janetkuo ptal
Automatic merge from submit-queue
Handle Stream() errors consistently in restclient
We should be following the same rules for Stream() as the normal body
request flow.
Also add slightly more output on a server error - in the future we may
want to clean this up but it's potentially hiding bad responses.
Related to #32009 but isn't the fix (so far)
Automatic merge from submit-queue
Fix clientcmd for a non-host cluster client running in a pod.
This is based on @errordeveloper's PR #32438. It fixes a case where default config is invalid and original config, i.e. `mergedConfig` is empty. It also adds a test for the case where default config is invalid and original config is neither invalid nor empty.
cc @errordeveloper @kubernetes/sig-cluster-federation @pwittrock @colhom
Automatic merge from submit-queue
Allow namespace to be loaded from in-cluster config
This is a follow on from the previous commit that fixed ClientConfig.
Namespace can also be defaulted from ICC, and this correctly handles
that logic. Also add two debugging lines to ensure that it is easier in
the future to uncover problems here.
Fixes#32352
@deads2k
Automatic merge from submit-queue
Generate 1 5 clientset
Generate the 1.5 clientset. Stop updating 1.4 clientset. Remove 1.2 clientset.
@nikhiljindal @lavalamp
I will rebase #31994 atop of this one.
Automatic merge from submit-queue
Add a check in ConfirmUsable() to validate the contextName
**What this PR does / why we need it**:
When a context name is provided, but can't be found (miss spelling), it currently
uses the defaults. This PR will cause the command to fail, to prevent unexpected side effects
of using the wrong configuration.
**Which issue this PR fixes**
fixes#21062
**Special notes for your reviewer**:
None
**Release note**:
```release-note
Error if a contextName is provided but not found in the kubeconfig.
```
Automatic merge from submit-queue
Use scale subresource
Fixes#29698
Use scale subresource for ReplicationController, ReplicaSet and Deployment.
Couldn't do Jobs and PetSet since they live in a different group.
Automatic merge from submit-queue
Example of unversioned pkg uses correct Config struct
Currently this Doc has incorrect example - https://godoc.org/k8s.io/kubernetes/pkg/client/unversioned
So when developers use it they are confused why `client` pkg has no `Config` struct, actually this is a struct from `restclient` pkg.
Also pkg name and variable name should be equal:
`client, err := client.New(config)`
Thanks,
Alex
Changes made in #31947 cause kube-proxy to ignore `--kubeconfig`
and `--master` flags and use in-cluster configuration, which is
unusable due to the fact that VIP hasn't been created yet.
This is a follow on from the previous commit that fixed ClientConfig.
Namespace can also be defaulted from ICC, and this correctly handles
that logic. Also add two debugging lines to ensure that it is easier in
the future to uncover problems here.
Automatic merge from submit-queue
add selfsubjectaccessreview API
Exposes the REST API for self subject access reviews. This allows a user to see whether or not they can perform a particular action.
@kubernetes/sig-auth
Automatic merge from submit-queue
Use a structured error rather than an Aggregate error in discovery
Should provide more information for debugging the root cause of
discovery failures.
Exposes the true cause of #32009
@lavalamp @derekwaynecarr
Automatic merge from submit-queue
Split path validation into a separate library
This PR splits path segment validation into it's own package. This cuts off one of the restclient's dependency paths to some docker packages, and completely eliminates its dependency on go-restful swagger validation.
cc @kubernetes/sig-api-machinery
Automatic merge from submit-queue
Move StorageClass to a storage group
We discussed the pros and cons in sig-api-machinery yesterday. Choosing a particular group name means that clients (including our internal code) require less work and re-swizzling to handle promotions between versions. Even if you choose a group you end up not liking, the amount of work remains the same as the incubator work case: you move the affected kind, resource, and storage.
This moves the `StorageClass` type to the `storage.k8s.io` group (named for consistency with authentication, authorization, rbac, and imagepolicy). There are two commits, one for manaul changes and one for generated code.
Automatic merge from submit-queue
Check for EmptyConfig errors when trying to use in-cluster config
By removing the default "localhost:8080" behavior several paths in
client config began returning err == ErrEmptyConfig rather than err ==
nil. The code checking for in cluster config was wrong - the logic
should be:
1. If loading the underlying config returns a non-empty error, fail
2. If the underlying config is not equal to the default config,
return that config (it has user input)
3. If it is possible to use in-cluster config, do so
4. Otherwise return the default config (and or default EmptyConfig
error).
Fixes#31910 @thockin @lavalamp @deads2k. We introduced EmptyConfig a very long time ago, but until I removed the "localhost:8080" Kubernetes was not actually exposing it (OpenShift relies on it since we don't set an insecure default). This properly falls through to in-cluster config in the described conditions.
```release-note
Some components like kube-dns and kube-proxy could fail to load the service account token when started within a pod. Properly handle empty configurations to try loading the service account config.
```
By removing the default "localhost:8080" behavior several paths in
client config began returning err == ErrEmptyConfig rather than err ==
nil. The code checking for in cluster config was wrong - the logic
should be:
1. If loading the underlying config returns a non-empty error, fail
2. If the underlying config is not equal to the default config,
return that config (it's got user input)
3. If it is possible to use in cluster config, do so
4. Otherwise return the default config (and or default EmptyConfig
error).
Automatic merge from submit-queue
Add e2e tests for eviction subresource.
This branch includes changes pending in both #31638 and #31721. I will rebase
once those merge.
This avoids the whole command failing because of errors like the following:
```
# cover k8s.io/kubernetes/pkg/client/restclient
cover: internal error: block 268 overlaps block 270
```
For vendor code, igone
For local code replace the switch with an if statement
We should be following the same rules for Stream() as the normal body
request flow.
Also add slightly more output on a server error - in the future we may
want to clean this up but it's potentially hiding bad responses.
Automatic merge from submit-queue
Namespace certificates API group
New API groups should follow best-practices for naming, including using DNS names within the k8s.io namespace
```release-note
The certificates API group has been renamed to certificates.k8s.io
```
Automatic merge from submit-queue
Generate versioned client for pvc
I noticed while trying to use client-go that there is no way to get PVC with versioned clientset. I don't know why it is excluded, I cannot find any discussion about this, so I am creating this assuming it is just an oversight...
Automatic merge from submit-queue
Rewrite disruption e2e test to use versioned client.
This currently includes the changes from #31638. I will rebase once that is merged.
This changes clientcmd to skip the default cluster, but preserves the
behavior in kubectl. This prevents the possibility of an administrator
misconfiguration in kubelet or other server component from allowing a
third party who can bind to 8080 on that host from potentially
impersonating an API server and gaining root access.
Automatic merge from submit-queue
Make sure the StatusCode is taken into account in DoRaw()
**What this PR does / why we need it**:
Currently if there is an error (not found) the error printed out
is to do with the inablity to convert an empty body into the expected json.
This patch will fill in the err correctly.
example of before (with NotFound error):
$ kubectl top node
failed to unmarshall heapster response: json: cannot unmarshal object into Go value of type []v1alpha1.NodeMetrics
Now:
$ kubectl top node
the server could not find the requested resource (get services http:heapster:)
**Which issue this PR fixes**
related to bug #30818
**Special notes for your reviewer**:
None
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Avoid sorting lists when unnecessary
I've seen ThreadSafeMap::List consuming ~30% of whole CPU usage, spending the whole time in sorting (while it is in fact completely unneded).
Automatic merge from submit-queue
Add ScaleExpansion to client v1.4
**What this PR does / why we need it**:
The generated v1.4 did not carry over the complete ScaleExpansion interface. The unversioned client is using this interface and should be in sync with generated client.
**Release note**:
```release-note
NONE
```
1. When overlapping deployments are discovered, annotate them
2. Expose those overlapping annotations as warnings in kubectl describe
3. Only respect the earliest updated one (skip syncing all other overlapping deployments)
4. Use indexer instead of store for deployment lister
Currently if there is an error (not found) the error printed out
is to do with the inablity to convert an empty body into the expected json.
This patch will fill in the err correctly.
example of before (with NotFound error):
$ kubectl top node
failed to unmarshall heapster response: json: cannot unmarshal object into Go value of type []v1alpha1.NodeMetrics
Now:
$ kubectl top node
the server could not find the requested resource (get services http:heapster:)
Sometimes when an init container runs and terminates quickly, PodContainerRunning can go into a
state where the pod indicates it's still running, but the container is already terminated. Handle
that condition by returning ErrContainerTerminated when it happens.
Automatic merge from submit-queue
Do not hold the lock for a long time
Followup to #30839.
I'm not convinced this is a super great idea but I'll throw it out and let others decide.
Ref https://github.com/kubernetes/minikube/issues/368
Ref #30759
Automatic merge from submit-queue
Remove implicit Prometheus metrics from client
**What this PR does / why we need it**: This PR starts to cut away at dependencies that the client has.
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
The implicit registration of Prometheus metrics for request count and latency have been removed, and a plug-able interface was added. If you were using our client libraries in your own binaries and want these metrics, add the following to your imports in the main package: "k8s.io/pkg/client/metrics/prometheus".
```
cc: @kubernetes/sig-api-machinery @kubernetes/sig-instrumentation @fgrzadkowski @wojtek-t
Automatic merge from submit-queue
Add initial support for TokenFile to to the client config file.
@smarterclayton @deads2k @cjcullen @krousey
Part of the fix for #28260
Automatic merge from submit-queue
Add support for the standard objectmeta field selectors
certificates API was missing standard field selectors (noticed in 4120179db5 (r75413160))
also silences client-side warnings when using field selectors that don't have a registered client-side transformation (no functional change, since we were already returning the original field/value). if we want to trend toward embedding less conversion logic in our clients, I don't see us fully duplicating field selector conversions client-side to make that warning disappear.
Automatic merge from submit-queue
Return the current kubeconfig as the starting config in ClientConfigGetter.
This fixes issue #30790.
cc @kubernetes/sig-cluster-federation
Automatic merge from submit-queue
Basic scaler/reaper for petset
Currently scaling or upgrading a petset is more complicated than it should be. Would be nice if this made code freeze on friday. I'm planning on a follow up change with generation number and e2es post freeze.
Automatic merge from submit-queue
Attempt to ensure entire resp body is read
**What this PR does / why we need it**: Enables the re-use of TCP connections when code fails to read the entire body of the response.
**Which issue this PR fixes**: fixes#30975
**Special notes for your reviewer**:
This is a best effort approach. It only attempts to drain the body of the response if it's less than 1k. It seems like a reasonable barrier at which to give up and just use a new TCP connection.
cc: @wojtek-t @smarterclayton @lavalamp @kubernetes/sig-api-machinery
Automatic merge from submit-queue
Add a short `-n` for `kubectl --namespace`
fixes#24078
`--namespace` is a very common flag for nearly every `kubectl` command we have. We should claim `-n` for it.
Convert single GV and lists of GVs into an interface that can handle
more complex scenarios (everything internal, nothing supported). Pass
the interface down into conversion.
Automatic merge from submit-queue
Continue on #30774: Change podNamespacer API
continue on #30774, credit to @wojtek-t, Ref #30759
I just fixed a test and converted IsActivePod to operate on *Pod.
Automatic merge from submit-queue
Change kubectl create to use dynamic client
https://github.com/kubernetes/kubernetes/issues/16764https://github.com/kubernetes/kubernetes/issues/3955
This is a series of changes to allow kubectl create to use discovery-based REST mapping and dynamic clients.
cc @kubernetes/sig-api-machinery
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
kubectl will no longer do client-side defaulting on create and replace.
```
Automatic merge from submit-queue
[GarbageCollector] measure latency
First commit is #27600.
In e2e tests, I measure the average time an item spend in the eventQueue(~1.5 ms), dirtyQueue(~13ms), and orphanQueue(~37ms). There is no stress test in e2e yet, so the number may not be useful.
<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.kubernetes.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.kubernetes.io/reviews/kubernetes/kubernetes/28387)
<!-- Reviewable:end -->
Kubernetes Submit Queue
