Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add GCE ingress test case for modified health check
**What this PR does / why we need it**:
When users modify their backend health check without involving ingress, their setup should be preserved.
Test procedure:
- Creating a basic HTTP ingress and wait for it to come up.
- Retrieving relevant health check resources from GCE.
- Modifying health check without involving ingress.
- Adding a new path to ingress and wait for it to take effect. (Not sure if this will be enough for syncing resource?)
- Checking if the modified health check is unchanged.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #NONE.
**Special notes for your reviewer**:
/assign @rramkumar1 @nicksardo
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add support of hyperv isolation for windows containers
**What this PR does / why we need it**:
Add support of hyperv isolation for windows containers.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58750
**Special notes for your reviewer**:
Only one container per pod is supported yet.
**Release note**:
```release-note
Windows containers now support experimental Hyper-V isolation by setting annotation `experimental.windows.kubernetes.io/isolation-type=hyperv` and feature gates HyperVContainer. Only one container per pod is supported yet.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add gce-ingress e2e test for sync failure case
**What this PR does / why we need it**:
Add a test that verifies sync failures on some inrgesses would not stop gce ingress controller from syncing others.
Basically:
- Create two ingresses each has something wrong (TLS missing, backend missing etc.).
- Create a normal ingress and test it works.
- Update this ingress and test it takes effect.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #NONE
**Special notes for your reviewer**:
Ref https://docs.google.com/document/d/1E2ufxZGujFCYKYOsvBjb4VMNjBy8CM-MMycoT_UVwIs/edit#heading=h.wxzdzliw64t8.
/assign @rramkumar1 @nicksardo
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Include `upstream` option in CoreDNS
**What this PR does / why we need it**:
Including `upstream` as a default in the manifest and keep in sync with the default CoreDNS manifest.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#57785
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
[e2e util] Remove static IP functions based on gcloud
**What this PR does / why we need it**:
Use GCE library for static IP instead of calling gcloud in e2e test.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #NONE
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Do not use ifupdown commands
**What this PR does / why we need it**:
The ifupdown commands (ifup and ifdown) are not useful on many modern
distributions. Instead, the "ip link set" set of commands are standard
linux utilities and should be available everywhere (see
http://baturin.org/docs/iproute2/).
ipupdown utilities have the added quirk that they return 0 on failure,
which makes the changed line fail silently in case ifdown didn't bring
the network down.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix adding FileContentCheck
**What this PR does / why we need it**:
Current code adds FileContentCheck only for the first API
Server mentioned in the command line. The test is never added
as net.ParseIP always fails because address:port is passed
to it instead of just an address.
Fixed both issues by introducing a loop over all API Servers
and splitting address:port before passing address to the
net.ParseIP API.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
csi: Update version comparison model
**What this PR does / why we need it**:
CSI version matching needed to be updated to be able to support different patch levels during 0.x.x versions, and different minor.patch levels during >=1.x.x versions.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58813
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Only run verify-staging-godeps if staging/godeps are touched
**What this PR does / why we need it**:
I had a lightbulb moment. On presubmit, we only verify godeps if one of the following is changed:
- The godep scripts
- The Godeps/ dir
- The vendor/ dir
The same should apply to verifying the staging godeps, adding in the staging dir itself. The logic being, if we don't touch Godeps/vendor, we don't touch the script that generates stuff, and we don't make changes to the staging dir itself (like adding/removing imports), then we don't need to verify godeps.
Note that post-submit CI jobs will still check these, as I'm copying the same logic that's in verify-godeps
This seems too easy, so *please* point out if I'm missing something.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Let client ca post start hook use GET to check if the system namespace exists
This is a direct fix for #56761.
The original code tried to create a namespace unconditionally, it caused apiserver to fail to reboot if a webhook blocked namespaces creation.
In the long term, we should make the apiserver return 409 instead of 5xx in the case of conflicting POST, even if a webhook fails the POST.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
client-go: Fix broken TCP6 listen for port forwarding
**What this PR does / why we need it**:
The IPV6 loopback address `::1` is enclosed in square brackets twice,
which cause a failure to listen on the TCP6 port.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
**Special notes for your reviewer**:
**Release note**:
```release-note
Fix an issue where port forwarding doesn't forward local TCP6 ports to the pod
```
/area ipv6
/sig cli
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add a comment on specical case on authorization
In file /staging/src/k8s.io/apiserver/pkg/endpoints/filters/authorization.go,
function WithAuthorization() returns DecisionAllow before error check.
It is intentional to avoid leaking authorization errors to attackers.
This patch add a comment here to give a hint
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix installation and use of vendored godep
**What this PR does / why we need it**:
Fixes the installation of the vendored godep to ensure that the binary ends up in the path when it's done.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58975
**Special notes for your reviewer**:
It looks like this broke in https://github.com/kubernetes/kubernetes/pull/51766, but didn't matter because our pinned version was the same as the latest version (so we didn't notice). This fixes it in my local env -- hopefully it will in CI too.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add test/fix for ErrShortBuffer edgecase
**What this PR does / why we need it**:
Found a bug with YAMLToJSONDecoder where subsequent reads after `io.ErrShortBuffer` would return values from the next yaml section, rather than the rest of the section I was reading.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#59055https://github.com/kubernetes/kubernetes/issues/59055
**Special notes for your reviewer**:
**Release note**:
```release-note
YAMLDecoder Read now tracks rest of buffer on io.ErrShortBuffer
```
The ifupdown commands (ifup and ifdown) are not useful on many modern
distributions. Instead, the "ip link set" set of commands are standard
linux utilities and should be available everywhere (see
http://baturin.org/docs/iproute2/).
ipupdown utilities have the added quirk that they return 0 on failure,
which makes the changed line fail silently in case ifdown didn't bring
the network down.
After the interface was brought back up, renew DHCP requests to ensure
the network is actually useable.
Signed-off-by: Chris Glass <chris.glass@canonical.com>
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix typo and comments
**What this PR does / why we need it**:
Fix typo across the azure package.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove unused func in FakeConfigurator of scheduler
**What this PR does / why we need it**:
Current scheduler `Configurator` interface looks like this:
```
type Configurator interface {
GetPriorityFunctionConfigs(priorityKeys sets.String) ([]algorithm.PriorityConfig, error)
GetPriorityMetadataProducer() (algorithm.PriorityMetadataProducer, error)
GetPredicateMetadataProducer() (algorithm.PredicateMetadataProducer, error)
GetPredicates(predicateKeys sets.String) (map[string]algorithm.FitPredicate, error)
GetHardPodAffinitySymmetricWeight() int32
GetSchedulerName() string
MakeDefaultErrorFunc(backoff *util.PodBackoff, podQueue core.SchedulingQueue) func(pod *v1.Pod, err error)
// Needs to be exposed for things like integration tests where we want to make fake nodes.
GetNodeLister() corelisters.NodeLister
GetClient() clientset.Interface
GetScheduledPodLister() corelisters.PodLister
Create() (*Config, error)
CreateFromProvider(providerName string) (*Config, error)
CreateFromConfig(policy schedulerapi.Policy) (*Config, error)
CreateFromKeys(predicateKeys, priorityKeys sets.String, extenders []algorithm.SchedulerExtender) (*Config, error)
}
```
Funcs `ResponsibleForPod` and `Run` once existed have been removed, so the funcs in `FakeConfigurator` should be removed accordingly.
**Special notes for your reviewer**:
/kind cleanup
/sig scheduling
**Release note**:
```release-note
NONE
```
`lsblk` reads fs type info from udev files. If udev rules are not
installed. `lsblk` could not get correct fs type. This will cause
problems, e.g. expanding volume depends on fs type of disk.
Kubernetes Submit Queue