Automatic merge from submit-queue
Create a flag for route reconciliation and deprecate unused node-sync-…
cc @pwittrock to decide if it can go in 1.4. It's a zero risk cleanup, that will reduce confusion about cluster configuration.
Automatic merge from submit-queue
Allow to use GetSigner with vagrant provider
In order to run tests that require ssh access to a node on vagrant
we need to provide path to private ssh key.
Now it will be possible to do using VAGRANT_SSH_KEY environment variable
Automatic merge from submit-queue
Recombine the condition for the "shouldScale" function
The PR recombine the condition for the "shouldScale" function, abstract the common condition(hpa.Status.LastScaleTime == nil).
Automatic merge from submit-queue
etcd: data rollback tool of v3 -> v2
ref: https://github.com/kubernetes/features/issues/44
ref #20504
What?
This provides a rollback tool for some users to rollback etcd data from v3 to v2.
Automatic merge from submit-queue
Get image and machine info from apiserver in node e2e test
This PR changes node e2e test to get image and machine information from API server instead of pass them from Jenkins test framework. The original format to pass image and machine info is naming the test node as "machine-image-uuid", which is hard to parse because "-" occurs a lot in both machine and image names.
Now we add two labels "image" and "machine" into performance data. The machine type has the format "cpu:1core,memory:3.6GB".
This PR is based on #32250.
Automatic merge from submit-queue
Bumped Heapster to v1.2.0
```release-note
Bumped Heapster to v1.2.0.
More details about the release https://github.com/kubernetes/heapster/releases/tag/v1.2.0
```
Version `v1.2.0` is a stable release of the previous release candidate `v1.2.0-beta.3`. The only difference is bumped Kubernetes deps to the lastest stable release `v1.4.0-beta.3` https://github.com/kubernetes/heapster/pull/1290.
It's low risk change. It may impact HPA and Monitoring e2e tests.
Automatic merge from submit-queue
Move nginx ingress e2e to slow
Normal GCE L7 e2e takes ~15m and runs in a feature private suite. This e2e ensure that the api isn't broken, by creating an nginx controller. I plan to write a really slimmed down version for presubmit, but I need to shave off a minute to get it below 5m.
Fixes https://github.com/kubernetes/kubernetes/issues/23416
Automatic merge from submit-queue
kubectl version -c has been deprecated, use --client instead
```
Flag shorthand -c has been deprecated, please use --client instead.
```
Automatic merge from submit-queue
Add test for --quiet flag for kubectl run
This adds a test for the changes introduced in #30247 and #28801.
Ref #28695
Automatic merge from submit-queue
Only skip petset test if resource is missing
**What this PR does / why we need it**:
Unblock testing petset on other providers.
cc @pwittrock. Would like to cherrypick onto 1.4 but this is test code only, so it can wait til after release cut.
Automatic merge from submit-queue
add local subject access review API
Adds a local subject access review endpoint to allow a project-admin (someone with full rights within a namespace) the power to inspect whether a person can perform an action in his namespace. This is a separate resource be factoring like this ensures that it is impossible for him to look outside his namespace and makes it possible to create authorization rules that can restrict this power to a project-admin in his own namespace. Other factorings require introspection of objects.
@kubernetes/sig-auth
Automatic merge from submit-queue
make --runtime-config=api/all=true|false work
`Passing --runtime-config=api/all=true|false to apiserver will enable/disable all registered api groups`
Previously, only api/all=false was recognized, and it only disabled groups with resources.
Automatic merge from submit-queue
Skip kubectl tests (create quota and exit code) on not supported versions
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**: Fixing broken kubernetes-e2e-gke-1.4-1.3-kubectl-skew tests. Because we're running 1.4 kubectl tests against 1.3 kubectl, some kubectl tests need to be skipped on older kubectl versions.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**: @pwittrock
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
NONE
```
Bump version of golang.org/x/oauth2
Vendor google.golang.org/cloud/
Vendor google.golang.org/api/
Vendor cloud.google.com/go/compute/
Replace google.golang.org/cloud with cloud.google.com/go/
Fixes#30069
Automatic merge from submit-queue
Enable DynamicKubeletConfig in benchmark test properties
This PR fixes "change QPS limit" failure by adding "TEST_ARGS='--feature-gates=DynamicKubeletConfig=true'" in jenkins-benchmark.properties
Automatic merge from submit-queue
Kubelet: remove name filter from CRI
Since #30753 and #30463, `name` is not used to identify the container/sandbox, so remove it from CRI.
cc @yujuhong @kubernetes/sig-node @kubernetes/sig-rktnetes
Automatic merge from submit-queue
Add flag to set CNI bin dir, and use it on gci nodes
**What this PR does / why we need it**:
When using `kube-up` on GCE, following #31023 which moved the workers from debian to gci, CNI just isn't working. The root cause is basically as discussed in #28563: one flag (`--network-plugin-dir`) means two different things, and the `configure-helper` script uses it for the wrong purpose.
This PR adds a new flag `--cni-bin-dir`, then uses it to configure CNI as desired.
As discussed at #28563, I have also added a flag `--cni-conf-dir` so users can be explicit
**Which issue this PR fixes** : fixes#28563
**Special notes for your reviewer**:
I left the old flag largely alone for backwards-compatibility, with the exception that I stop setting the default when CNI is in use. The value of `"/usr/libexec/kubernetes/kubelet-plugins/net/exec/"` is unlikely to be what is wanted there.
**Release note**:
```release-note
Added new kubelet flags `--cni-bin-dir` and `--cni-conf-dir` to specify where CNI files are located.
Fixed CNI configuration on GCI platform when using CNI.
```
Automatic merge from submit-queue
Adding support for upgrading testing across image types.
Adds support for upgrade testing across image types.
@spxtr @vishh @ixdy @pwittrock
This change only affects upgrade testing. This does not touch production code and hence should be safe for cherrypicks into the 1.4 release branch.
Automatic merge from submit-queue
dockershim: add unit tests for sandbox/container status
Also add a fake clock in the FakeDockerClient to allow testing container
CreatedAt, StartedAt, FinishedAt timestamps.
Automatic merge from submit-queue
Update release notes of OpenAPI support
OpenAPI support is enabled by default in 1.4 (no documentation or automation system depends on it yet), this PR reflect the fact that it is enabled by default in release notes.
Currently, only api/all=false does something (disables
all groups that have resources). Make api/all=false disable all groups
(not just those with resources), and make api/all=true enable
all groups
Minhan Xia