The admission controller adds a default class to PVCs that do not require any
specific class. This way, users (=PVC authors) do not need to care about
storage classes, administrator can configure a default one and all these PVCs
that do not care about class will get the default one.
Automatic merge from submit-queue
Add tag [benchmark] to node-e2e-test where performance limits are not verified
This PR adds a new tag "[benchmark]" to density and resource-usage node e2e test. The performance limits will not be verified at the end of benchmark tests.
Automatic merge from submit-queue
Expose flags for new NodeEviction logic in NodeController
Fix#28832
Last PR from the NodeController NodeEviction logic series.
cc @davidopp @lavalamp @mml
Automatic merge from submit-queue
Support for no object-native cluster name in federated libs
As the deadlines are near and #28921 is still in review and may in the end not entirely suit the lib needs (like ClusterName only in FederatedApiServer) it may be better to not depend on it the libs. So this chanegd:
- makes federated informer return a pair obj + cluster name when it is relevant
- removes preprocessing handler which caused locking/race troubles anyway
The impact on controllers that are still in review is minimal (just couple lines of code).
cc: @quinton-hoole @wojtek-t @kubernetes/sig-cluster-federation
Automatic merge from submit-queue
Remove incorrect docs about unset fields in NetworkPolicyPeer
While hammering out the semantics of not-present vs present-but-empty, we appear to have added incorrect clarifications to NetworkPolicyPeer, where the semantics of PodSelector not being present is supposed to be "do what NamespaceSelector" says, not "select no pods", and likewise with NamespaceSelector not being present.
I think it's clearest if we just don't say anything, since we already said "Exactly one of the following must be specified" above. Alternatively we could be redundant and say "(If not provided, then NamespaceSelector must be set.)" or something like that.
@caseydavenport @thockin
Automatic merge from submit-queue
Implement federation API server authentication e2e tests.
This PR depends on #30397. Please review only the last commit here.
Fixes: Issue #28602.
cc @kubernetes/sig-cluster-federation
Automatic merge from submit-queue
Allow a flag that forces kubelet to have a valid kubeconfig
`--require-kubeconfig` forces the kubelet to use the kubeconfig for all
APIserver communication, and exit cleanly. Allows cluster lifecycle to loop waiting for config to be available.
Fixes#30515
A follow up PR will handle the issue discovered where the DefaultCluster rules applied to kubeconfig allow a malicious party who can bind to localhost:8080 to take advantage of an admin misconfiguration.
@lukemarsden @mikedanese
```release-note
The Kubelet now supports the `--force-kubeconfig` option which reads all client config from the provided `--kubeconfig` file and will cause the Kubelet to exit with error code 1 on error. It also forces the Kubelet to use the server URL from the kubeconfig file rather than the `--api-servers` flag. Without this flag set, a failure to read the kubeconfig file would only result in a warning message.
In a future release, the value of this flag will be defaulted to `true`.
```
Automatic merge from submit-queue
Node Conformance Test: Statically link etcd
For #30122, #30174.
This PR is part of our roadmap to package node conformance test.
It statically linked etcd into the node e2e framework. In the future all e2e services will be linked in, and print log into the same log file `services.log`.
@dchen1107 @vishh
/cc @kubernetes/sig-node
Automatic merge from submit-queue
Nodecontroller doesn't flip readiness on pods if kubeletVersion < 1.2.0
Older versions of the kubelet didn't know how to reconcile pod.Status, so the nodecontroller would mark pods NotReady on netsplit, and if the partition recovered in < 5m, the pods would never get marked Ready resulting in NotReady endpoints indefinitely (till kubelet restart/pod recreate etc).
Automatic merge from submit-queue
AWS: Handle kube-down case where the LaunchConfig is dangling
**What this PR does / why we need it**:
Fixed `cluster/kube-down.sh` on AWS in the case where no minions were started.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)*: N/A
**Special notes for your reviewer**: N/A
**Release note**:
If we can't infer it from the tagged instances, assume we've created
the $ASG_NAME.
Automatic merge from submit-queue
Change kubectl create to use dynamic client
https://github.com/kubernetes/kubernetes/issues/16764https://github.com/kubernetes/kubernetes/issues/3955
This is a series of changes to allow kubectl create to use discovery-based REST mapping and dynamic clients.
cc @kubernetes/sig-api-machinery
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
kubectl will no longer do client-side defaulting on create and replace.
```
Automatic merge from submit-queue
Provide absolute path to cross build image VERSION file.
This allows invoking builds from non-root directories. This in turn allows invoking federation `make` from the `federation/` directory.
Automatic merge from submit-queue
Fix default resource limits (node allocatable) for downward api volumes and env vars
@kubernetes/rh-cluster-infra @pmorie @derekwaynecarr
Automatic merge from submit-queue
Federated namespace controller
Implemented based on federation common libs.
Depends on #30126.
cc: @quinton-hoole @wojtek-t @kubernetes/sig-cluster-federation
Automatic merge from submit-queue
Added warning msg for `kubectl get`
- added warning description regarding terminated pods to `get` long help message
- added printing of warning message in case of `get pods` if there are hidden pods
Fixes#22986 (initiall PR and discussion are here #26417)
## **Output examples:**
### # kubectl get pods
```
NAME READY STATUS RESTARTS AGE
dapi-test-pod1 0/1 Terminating 0 22h
liveness-http 0/1 CrashLoopBackOff 11245 22d
ubuntu1-1206318548-oh9tc 0/1 CrashLoopBackOff 2336 8d
info: 1 completed object(s) was(were) not shown in pods list. Pass --show-all to see all objects.
```
### # kubectl get pods,namespaces
```
NAME READY STATUS RESTARTS AGE
po/dapi-test-pod1 0/1 Terminating 0 22h
po/liveness-http 1/1 Running 11242 22d
po/ubuntu1-1206318548-oh9tc 0/1 CrashLoopBackOff 2335 8d
info: 1 completed object(s) was(were) not shown in pods list. Pass --show-all to see all objects.
NAME STATUS AGE
ns/default Active 89d
ns/kube-system Active 41d
```
### # kubectl get pods -a
```
NAME READY STATUS RESTARTS AGE
busybox 0/1 Error 0 27d
dapi-test-pod1 0/1 Terminating 0 22h
liveness-http 0/1 CrashLoopBackOff 11245 22d
ubuntu1-1206318548-oh9tc 0/1 CrashLoopBackOff 2336 8d
```
### # kubectl get -h
```
Display one or many resources.
Possible resource types include (case insensitive): pods (aka 'po'), services (aka 'svc'), deployments (aka 'deploy'),
replicasets (aka 'rs'), replicationcontrollers (aka 'rc'), nodes (aka 'no'), events (aka 'ev'), limitranges (aka 'limits'),
persistentvolumes (aka 'pv'), persistentvolumeclaims (aka 'pvc'), resourcequotas (aka 'quota'), namespaces (aka 'ns'),
serviceaccounts (aka 'sa'), ingresses (aka 'ing'), horizontalpodautoscalers (aka 'hpa'), daemonsets (aka 'ds'), configmaps (aka 'cm'),
componentstatuses (aka 'cs), endpoints (aka 'ep'), petsets (alpha feature, may be unstable) and secrets.
This command will hide resources that have completed. For instance, pods that are in the Succeeded or Failed phases.
You can see the full results for any resource by providing the '--show-all' flag.
By specifying the output as 'template' and providing a Go template as the value
of the --template flag, you can filter the attributes of the fetched resource(s).
Examples:
.........
````
Automatic merge from submit-queue
use Reader.ReadLine instead of bufio.Scanner to support bigger yaml
@smarterclayton ptal. Also refer #19603#23125 for more details.
Automatic merge from submit-queue
pkg/storage: remove Codec() from interface
What?
Removes Codec() from storage.Interface.
Why?
- storage interface doesn't need to expose Codec().
- Codec() isn't used anywhere.
Jan Safranek