Automatic merge from submit-queue (batch tested with PRs 37701, 36702, 37145, 37424, 38261)
Limit unbound label cardinality on request errors
This converts all request errors to the string `<error>` instead of
passing the full error string. Error strings can have arbitrary values
and thus have a cardinality that is not suitable for a metric
use case.
Inspecting individual errors is a logging use case which can be handled separately by registering a client error handler.
@kubernetes/sig-instrumentation
Automatic merge from submit-queue
Update selenium docker images
**What this PR does / why we need it**:
Updates selenium docker images (2.47 was released a year ago)
**Which issue this PR fixes**
-
**Special notes for your reviewer**:
-
**Release note**:
`NONE`
Automatic merge from submit-queue (batch tested with PRs 35884, 37305, 37369, 37429, 35679)
fix repeat request for auth
reference to #27851
When use basic-auth/RBAC, don't set the users in .kube/config
```
# cat ~/.kube/config
apiVersion: v1
clusters:
- cluster:
insecure-skip-tls-verify: true
server: https://127.0.0.1:6443
name: ubuntu
contexts:
- context:
cluster: ubuntu
namespace: default
user: test
name: ubuntu
current-context: ubuntu
kind: Config
preferences: {}
users: []
```
kubectl request for username/password time after time
```
$ kubectl get nodes
Please enter Username: admin
Please enter Password: ******
Please enter Username: admin
Please enter Password: ******
```
Automatic merge from submit-queue (batch tested with PRs 35884, 37305, 37369, 37429, 35679)
fix mixleading warning message regarding kube-proxy nodeIP initializa…
The current warning message implies that the operator should restart kube-proxy with some flag related to node IP which can be very misleading.
Automatic merge from submit-queue
Added support for HOME environment variable on Windows
**What this PR does / why we need it**:
On Windows the HOME environment variable should be taken in account when trying to find the home directory.
Several tools already support the HOME environment variable, notably git-bash. It would be very convenient to have the kubernete tools (including minikube) to also support the environment variable.
The current situation
**Special notes for your reviewer**:
**Release note**:
```
```
Automatic merge from submit-queue (batch tested with PRs 38260, 32811, 28458, 33570, 37096)
Fix support for DNS in local-up-cluster.sh
[]()
The default appears to be gce now, so this tries to spawn a service in
gce... not the desired outcome for a local test setup.
We also need to sync the kubectl config in the script with the instructions for users, since if people don't test with DNS enabled, it bitrots (which this aims to fix).
To test manually, run something like
```
sudo KUBE_ENABLE_CLUSTER_DNS=true API_HOST_IP=0.0.0.0 ./hack/local-up-cluster.sh
```
The API_HOST_IP=0.0.0.0 is required, otherwise the master is not contactable by kubedns, and the dns pod will fail readychecking on the healthz pod.
Automatic merge from submit-queue
Fix useless uuid in container log path node e2e
@timstclair pointed out there're nits in original PR, ref: https://github.com/kubernetes/kubernetes/pull/34877
So this patch:
1. removed useless uuid
2. change all those strings to const
Thanks. 🐱
Automatic merge from submit-queue (batch tested with PRs 36626, 37294, 37463, 37943, 36541)
Remove duplicate describer errs
Downstream issue https://github.com/openshift/origin/issues/11846
**Release note**:
```release-note
release-note-none
```
The `describe` command iterates through a list of infos received from
the server and aggregates a list of errors while attempting to call each
resource's respective describer. When a resource exists, but does not
have a describer set, such as `Event`, the `describe` command outputs
the same error `error: no description has been implemented for "Event"`
for each info.
```
$ kubectl describe events
no description has been implemented for "Event"
no description has been implemented for "Event"
no description has been implemented for "Event"
no description has been implemented for "Event"
no description has been implemented for "Event"
no description has been implemented for "Event"
no description has been implemented for "Event"
no description has been implemented for "Event"
no description has been implemented for "Event"
no description has been implemented for "Event"
no description has been implemented for "Event"
no description has been implemented for "Event"
no description has been implemented for "Event"
no description has been implemented for "Event"
```
@kubernetes/kubectl @fabianofranz
Automatic merge from submit-queue (batch tested with PRs 36626, 37294, 37463, 37943, 36541)
Add Version to the resource printer for 'get nodes'
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 36626, 37294, 37463, 37943, 36541)
Use tmpfs for gluster-server container volumes.
Gluster server needs a filesystem that supports extended attributes for its data. Some distros (Debian, Ubuntu) ship Docker that runs containers on aufs, which does not support extended attributes and therefore Gluster server fails there.
We can use tmpfs for Gluster server data volumes. ~~This expects that host's /tmp is tmpfs, which is true for Debian, Ubuntu, RHEL, CentOS and Fedora.~~
I reworked it to mount tmpfs inside the container, the server pod is privileged.
And *after* this PR is merged and new Gluster server container image is pushed we need to bump the image version in https://github.com/kubernetes/kubernetes/blob/master/test/e2e/volumes.go#L407
Edit: I also fixed Gluster server Dockerfile, it was not working at all.
Automatic merge from submit-queue
kubelet-run-parameter: change config to pod-manifest-path
What this PR does / why we need it:
"--config" will be removed in a future version of kubelet, in order to prevent failure in the new version, use "pod-manifest-path" instead of it
Automatic merge from submit-queue (batch tested with PRs 32663, 35797)
contribute deis/registry-proxy as a replacement for kube-registry-proxy
This PR is a proposal to replace the `kube-registry-proxy` addon code with [deis/registry-proxy](https://github.com/deis/registry-proxy). We have been running this component in production for several months ([since Workflow v2.3.0](15d4c1c298/workflow-v2.3.0/tpl/deis-registry-proxy-daemon.yaml)) without any issues.
There are several benefits that this proxy provides over the current implementation:
- it's the same code that is provided in [docker/distribution's contrib dir](https://github.com/docker/distribution/tree/master/contrib/compose) which I have personally used for both Docker v1 and v2 engine deployments without any issues
- the ability to [disable old Docker clients](https://github.com/deis/registry-proxy/blob/master/rootfs/etc/nginx/conf.d/default.conf.in#L19-L23) that are incompatible with the v2 registry
- better default connection timeouts, using best practices from the Docker community as a whole
- workarounds for bugs like https://github.com/docker/docker/issues/1486 (see https://github.com/deis/registry-proxy/blob/master/rootfs/etc/nginx/conf.d/default.conf.in#L15-L16)
Things that this PR differs from the current implementation:
- it's not HAProxy.
I'm not sure how the release process goes for this component, but I bumped the version to v0.4 and changed the maintainer to myself considering this is a massive overhaul. Please let me know if this is acceptable as a replacement or if we should perhaps consider this as an alternative implementation.
Happy Friday!
Automatic merge from submit-queue
openstack: Implement the `Routes` provider API
``` release-note
Implement the Routes provider API for OpenStack using Neutron extraroute extension. This removes the need for flannel/etc where supported. To use, ensure all your nodes are on the same Neutron (private) network and specify the router ID in new `[Route]` section of provider config:
[Route]
router-id = <router UUID>
```
Automatic merge from submit-queue (batch tested with PRs 37092, 37850)
Turns on dns horizontal scaling tests for GKE
Seems like the dns-autoscaler is already enabled in [this recent gke build](https://k8s-gubernator.appspot.com/build/kubernetes-jenkins/logs/ci-kubernetes-e2e-gci-gke/769/).
Turning on the corresponding e2e tests to increase test coverage.
Probably better to wait for this fix#37261 to go in first.
@bowei @bprashanth
cc @maisem @roberthbailey
Automatic merge from submit-queue
[Part 1] Add support for cross-compiling s390x binaries
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**: The current release of Kubernetes support s390x architecture partly meaning we can build Kubernetes on s390x but while deploying Kubernetes it does not have required images pushed to gcr.io repository. This PR is to make Kubernetes docker images available for s390x architecture on gcr.io repository. This PR also enables s390x support to kube-dns , pause, addon-manager, etcd, hyperkube, kube-discovery etc.
**Which issue this PR fixes** #34328
**Special notes for your reviewer**: In existing file "build-tools/build-image/cross/Dockerfile" the repository mentioned for installing cross build tool chains for supporting architecture does not have a tool chain for s390x hence in my PR I am changing the repository so that it will be cross compiled for s390x.
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 37325, 38313, 38141, 38321, 38333)
cluster: bindmount more cert paths
**What this PR does / why we need it**:
/etc/ssl/certs is currently mounted through in a number of places.
However, on Gentoo and CoreOS (and probably others), the files in
/etc/ssl/certs are just symlinks to files in /usr/share/ca-certificates.
For these components to correclty work, the target of the symlinks needs
to be available as well.
This is especially important for kube-controller-manager, where this
issue was noticed.
**Special notes for your reviewer**:
This change was originally part of #33965, but was split out for ease of
review.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 37325, 38313, 38141, 38321, 38333)
Decrease expected lower bound for misc CPU
Fixes https://github.com/kubernetes/kubernetes/issues/34990
We started enforcing expectations on the `misc` system container in https://github.com/kubernetes/kubernetes/pull/37856, but the CPU usage tends to be lower than the `kueblet` & `runtime` containers (to be expected). For simplicity, I lowered the lower bound for all system containers.
Automatic merge from submit-queue (batch tested with PRs 37325, 38313, 38141, 38321, 38333)
Cleanup firewalls, add nginx ingress to presubmit
Make the firewall cleanup code follow the same pattern as the other cleanup functions, and add the nginx ingress e2e to presubmit.
Planning to watch the test for a bit, and if it works alright, I'll add the other Ingress e2e to post-submit merge blocker.
Automatic merge from submit-queue (batch tested with PRs 37325, 38313, 38141, 38321, 38333)
typo found with controller comment for framework_test.
**What this PR does / why we need it**: fix test comment typo
**Release note**:
`NONE`
Automatic merge from submit-queue (batch tested with PRs 37325, 38313, 38141, 38321, 38333)
Fix running e2e with 'Completed' kube-system pods
As of now, e2e runner keeps waiting for pods in `kube-system` namespace to be "Running and Ready" if there are any pods in `Completed` state in that namespace.
This for example happens after following [Kubernetes Hosted Installation](http://docs.projectcalico.org/v2.0/getting-started/kubernetes/installation/#kubernetes-hosted-installation) instructions for Calico, making it impossible to run conformance tests against the cluster. It's also to possible to reproduce the problem like that:
```
$ cat testjob.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: tst
namespace: kube-system
spec:
template:
metadata:
name: tst
spec:
containers:
- name: tst
image: busybox
command: ["echo", "test"]
restartPolicy: Never
$ kubectl create -f testjob.yaml
$ go run hack/e2e.go -v --test --test_args='--ginkgo.focus=existing\s+RC'
```
This implements pv_controller to exponentially backoff
when deleting a volume fails in Cloud API. It ensures that
we aren't making too many calls to Cloud API
Automatic merge from submit-queue
type HttpProxyCheck should be HTTPProxyCheck
**What this PR does / why we need it**:
Change HttpProxyCheck to HTTPProxyCheck
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
golint
**Release note**:
```release-note
```
Signed-off-by: yupeng <yu.peng36@zte.com.cn>
/etc/ssl/certs is currently mounted through in a number of places.
However, on Gentoo and CoreOS (and probably others), the files in
/etc/ssl/certs are just symlinks to files in /usr/share/ca-certificates.
For these components to correclty work, the target of the symlinks needs
to be available as well.
This is especially important for kube-controller-manager, where this
issue was noticed.
This change was originally part of #33965, but was split out for ease of
review.
Automatic merge from submit-queue (batch tested with PRs 38318, 38258)
kernel memcg notification enabled via experimental flag
Kubelet integrates with kernel memcg notification API if and only if enabled via experimental flag.
Automatic merge from submit-queue
Adds docs for dns-horizontal-autoscaler and kube-dns
Although we have separate docs on kubernetes.io, we should have a short description about the dns-horizontal-autoscaler addon in folder.
Also updates kube-dns README with example command to scale kube-dns Deployment. This is needed because Addon Manager v6 has stricter reconcile behavior.
@bowei @bprashanth @thockin
Automatic merge from submit-queue
Delete regional static-ip instead of global for type=lb
Global vs region is the difference between
```
$ gcloud compute addresses delete foo --global
$ gcloud compute addresses delete foo --region us-central1
```
Type=LoadBalancer users the second type and were were doing the first.
Also adds some logging.
Dr. Stefan Schimanski