Automatic merge from submit-queue (batch tested with PRs 43500, 44073)
[Federation] Add option to retrieve e2e cluster config from secrets
Previously the federation e2e setup was reading member cluster configuration from the test run's kubeconfig. This change removes that dependency in favor of reading member cluster configuration from secrets in the hosting cluster, and caches the configuration to avoid having to read it separately for each test.
cc: @kubernetes/sig-federation-pr-reviews @perotinus
Automatic merge from submit-queue
[Federation] Add simple upgrade test
This PR adds a simple upgrade test that targets all registered federated types.
cc: @kubernetes/sig-federation-pr-reviews @perotinus
On platforms like OpenShift that don't run containers as root by
default, binding to ports < 1000 is not permitted. Having the
apiserver bind to a high port means it can run with reduced
privileges. The service will still expose the apiserver on 443, so
this change shouldn't impact clients of the federation api.
Automatic merge from submit-queue (batch tested with PRs 44222, 44614, 44292, 44638)
Update dummy certificate used in porter image
**What this PR does / why we need it**: the dummy certificate used for the porter image is incompatible with go1.8+ since it is missing NULL parameters for the RSA public key.
I haven't pushed the new porter image yet.
I verified that this appears to fix the issue. Based on https://github.com/kubernetes/kubernetes/issues/38228#issuecomment-280213590, for the old cert:
```console
$ openssl x509 -in localhost.crt -outform der | openssl asn1parse -inform der -i
...
105:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
116:d=3 hl=2 l= 75 prim: BIT STRING
...
```
and the new cert:
```console
$ openssl x509 -in localhost.crt -outform der | openssl asn1parse -inform der -i
...
127:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
138:d=4 hl=2 l= 0 prim: NULL
140:d=3 hl=4 l= 271 prim: BIT STRING
...
```
**Release note**:
```release-note
NONE
```
cc @liggitt @lavalamp @luxas
Automatic merge from submit-queue (batch tested with PRs 44222, 44614, 44292, 44638)
Optionally deploy kubernetes dashboard in local-up cluster
**What this PR does / why we need it**:
Enable users of local up cluster to optionally deploy the kubernetes dashboard.
**Special notes for your reviewer**:
The dashboard is especially useful when working on k8s + service catalog at the same time.
Automatic merge from submit-queue (batch tested with PRs 44222, 44614, 44292, 44638)
Smarter generic getters and describers
Makes printers and describers smarter for generic resources.
This traverses unstructured objects and prints their attributes for generic resources (TPR, federated API, etc) in `kubectl get` and `kubectl describe`. Makes use of the object's field names to come up with a best guess for describer labels and get headers, and field value types to understand how to better print it, indent, etc.
A nice intermediate solution while we don't have [get and describe extensions](https://github.com/kubernetes/community/pull/308).
Examples:
```
$ kubectl get serviceclasses
NAME KIND BINDABLE BROKER NAME OSB GUID
user-provided-service ServiceClass.v1alpha1.servicecatalog.k8s.io false ups-broker 4f6e6cf6-ffdd-425f-a2c7-3c9258ad2468
```
```
$ kubectl describe serviceclasses/user-provided-service
Name: user-provided-service
Namespace:
Labels: <none>
Annotations: FOO=BAR
openshift.io/deployment.phase=test
OSB Metadata: <nil>
Kind: ServiceClass
Metadata:
Self Link: /apis/servicecatalog.k8s.io/v1alpha1/serviceclassesuser-provided-service
UID: 1509bd96-1b05-11e7-98bd-0242ac110006
Resource Version: 256
Creation Timestamp: 2017-04-06T20:10:29Z
Broker Name: ups-broker
Bindable: false
Plan Updatable: false
OSB GUID: 4f6e6cf6-ffdd-425f-a2c7-3c9258ad2468
API Version: servicecatalog.k8s.io/v1alpha1
Plans:
Name: default
OSB GUID: 86064792-7ea2-467b-af93-ac9694d96d52
OSB Free: true
OSB Metadata: <nil>
Events: <none>
```
**Release note**:
```release-note
Improved output on 'kubectl get' and 'kubectl describe' for generic objects.
```
PTAL @pmorie @pwittrock @kubernetes/sig-cli-pr-reviews
Previously runServer would try to listen again if a listener error
occurred. This commit changes the response to a panic to allow a
process manager (systemd/kubelet/etc) to react to the failure.
Automatic merge from submit-queue
namespace deletion and kubelet restart tests for vSphere cloud provider
**What this PR does / why we need it**:
Following tests for vSphere cloud provider are added as part of this PR
**Test to verifiy that a volume mounted to a pod that is deleted while the kubelet is down, unmounts volume when the kubelet returns**
**Steps:**
1. Create volume (vmdk)
2. Create PV with volume path for the vmdk.
3. Create PVC to bind with PV.
4. Create a pod using the PVC.
5. Verify disk is attached to the node. and verify volume is mounted on the node.
6. Stop kubelet.
7. Delete pod.
8. Start kubelet.
9. Verify that volume mount not to be found on the node.
**Test to verify that deleting the Namespace of a PVC and Pod causes the successful detach of Persistent Disk.**
**Steps:**
1. Create volume (vmdk)
2. Create PV with volume path for the vmdk.
3. Create PVC to bind with PV.
4. Create a pod using the PVC.
5. Verify disk is attached to the node.
6. Delete Namespace.
7. Wait for namespace to get deleted. (Namespace deletion should trigger deletion of belonging pods)
8. Verify volume should be detached from the node.
Moved test from https://github.com/kubernetes/kubernetes/pull/41976
**Test to verify that a volume mounted to a pod remains mounted after a kubelet restarts.**
1. Create volume (vmdk)
2. Create PV with volume path for the vmdk.
3. Create PVC to bind with PV.
4. Create a pod using the PVC.
5. Verify disk is attached to the node.
6. Write to the volume
7. Restart kubelet on the node on which pod is provisioned.
8. Verify that written file is accessible after kubelet restart.
9. Delete pod.
10. Delete PV, PVC
11. Wait for VMDK to detach from node.
12. Delete VMDK
**Which issue this PR fixes**
fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
cc: @abrarshivani @BaluDontu @tusharnt @pdhamdhere
This should only happen if the Jobs were created by an older version
of the CronJob controller, since from now on we add ControllerRef upon
creation.
CronJob doesn't do actual adoption because it doesn't use label
selectors to find its Jobs. However, we should apply ControllerRef
for potential server-side cascading deletion, and to advise other
controllers we own these objects.
Automatic merge from submit-queue (batch tested with PRs 44500, 44457, 44553, 44267, 44617)
nits in service e2e test logging
Saw some weird logs from CI [gce-alpha-features](https://k8s-testgrid.appspot.com/google-gce#gce-alpha-features&width=5).
```
...
Health checking bootstrap-e2e-minion-group-3tm9, http://35.188.44.206:32733//healthz, expectedSuccess true
...
Expected %!!(MISSING)s(int=2) failures on bootstrap-e2e-minion-group-8h0q//healthz, got 0, err
...
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 43000, 44500, 44457, 44553, 44267)
add kubectl config view test code
**What this PR does / why we need it**:
kubectl config view test code
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
think you very much :)
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 43000, 44500, 44457, 44553, 44267)
EventTypeWarning replaces EventTypeNormal when failed
**What this PR does / why we need it**:
it is similar to #44083 and #44378
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 43000, 44500, 44457, 44553, 44267)
Updates e2e_node test to allow both kubenet and cni to be specified f…
…or the network plugin.
This adds a simple CNI configuration which is added to the node during test setup.
This also modifies the default flags in services/kubelet.go to specify the "cni-bin-dir"
and the "cni-conf-dir" and removes the "network-plugin-dir" flag. This leaves the default
network plugin to kubenet.
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 43000, 44500, 44457, 44553, 44267)
Add Kubernetes 1.6 support to Juju charms
**What this PR does / why we need it**:
This adds Kubernetes 1.6 support to Juju charms.
This includes some large architectural changes in order to support multiple versions of Kubernetes with a single release of the charms. There are a few bug fixes in here as well, for issues that we discovered during testing.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
Thanks to @marcoceppi, @ktsakalozos, @jacekn, @mbruzek, @tvansteenburgh for their work in this feature branch as well!
**Release note**:
```release-note
Add Kubernetes 1.6 support to Juju charms
Add metric collection to charms for autoscaling
Update kubernetes-e2e charm to fail when test suite fails
Update Juju charms to use snaps
Add registry action to the kubernetes-worker charm
Add support for kube-proxy cluster-cidr option to kubernetes-worker charm
Fix kubernetes-master charm starting services before TLS certs are saved
Fix kubernetes-worker charm failures in LXD
Fix stop hook failure on kubernetes-worker charm
Fix handling of juju kubernetes-worker.restart-needed state
Fix nagios checks in charms
```
TestEtcdStoragePath prevents the accidental movement of objects stored
in etcd. It creates a stub of each object and then checks the expected
location in etcd. Inadvertent GroupVersionKind changes are prevented.
Signed-off-by: Monis Khan <mkhan@redhat.com>
Automatic merge from submit-queue
go-to-protobuf: actually skip - packages
If a package is prefixed with -, we are not supposed to be generating
protobuf for it. Make that actually happen :-)
cc @smarterclayton @sttts @deads2k @liggitt @kubernetes/sig-api-machinery-pr-reviews
Automatic merge from submit-queue
Allow configurable etcd options
**What this PR does / why we need it**:
Allows users to set the `--listen-client-urls` and `--advertise-client-urls` flags on etcd binaries for clusters set up with kubeadm.
**Which issue this PR fixes**:
As far as I can tell right now, other nodes in a cluster set up with kubeadm cannot communicate with the etcd static pod running on the master. This is needed in order to set up calico/canal SDN which needs access to a publicly addressable IPv4 _before_ the overlay network and inter-cluster subnet is created.
Addresses https://github.com/kubernetes/features/issues/138 and https://github.com/kubernetes/features/issues/11.
**Release note**:
```release-note
Users can now specify listen and advertise URLs for etcd in a kubeadm cluster
```
Automatic merge from submit-queue
Fixed `kubectl cluster-info dump` to support multi-container pod.
Fixed `kubectl cluster-info dump` to support multi-container pod.
**Release note**:
```
Improve `kubectl cluster-info dump` to support multi-container pod information dump.
```
Fixed#44069
Kubernetes Submit Queue