Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use full gopath for externalTypes
**What this PR does / why we need it**:
Seems like @soltysh has no thread to fix the testing failure and rebase to solve the conflict in #55703. This PR cherry-pick it's commit and supersedes it to avoid the change to be rebase-blocker.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#55703
**Special notes for your reviewer**:
/cc @soltysh @sttts @smarterclayton @liggitt
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Reduce memory footprint of admission metrics
Fix#56061
Remove `SummaryVec` from all but the top level metric and reduce buckets for the histogram from 7 to 5.
For a small test cluster, the `Individual Memory Usage: kube-system kube-apiserver-kubernetes-master` grafana metric suggests showed the memory footprint of apiserver at 655MB before this change and 415MB after, suggesting this accounts for the vast majority of the ~200MB of memory increase found in #56061.
```release-note
None
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add kube config file of kube-proxy to kube-proxy config map
**What this PR does / why we need it**:
fix kube-proxy config bug in kubeadm build cluster
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixeskubernetes/kubeadm#570
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Increase log level of failed AWS public dns lookup
This constantly spams us because none of our nodes have a public IP. We
run kubelet at -v=2 as recommended.
The message is "Could not determine public DNS from AWS metadata." Debatable if this should even be logged at all, but I don't mind at a higher log level.
**What this PR does / why we need it**:
Self explanatory.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add validation of kubelet and kube-proxy configuration in kubeadm.
**What this PR does / why we need it**:
kubeadm has implemented the support for Kubelet Dynamic Configuration. This PR adds validation on the kubelet configuration.
kube-proxy validation also added in this PR.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
ref: https://github.com/kubernetes/kubeadm/issues/28
**Special notes for your reviewer**:
/cc @luxas @kubernetes/sig-cluster-lifecycle-pr-reviews
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove SupportIPVSProxyMode feature gate in kubeadm.
**What this PR does / why we need it**:
Since #55972 gets merged, kubeadm now supports using kube-proxy ComponentConfig. Then `SupportIPVSProxyMode` feature gate can be configured in kube-proxy config. There is no need to config the feature gate in kubeadm (workaround introduced by #53962). The benefit of removing it I can think of is that we don't need to care about the IPVS feature evolution in kubeadm any longer.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes https://github.com/kubernetes/kubeadm/issues/512
**Special notes for your reviewer**:
/cc @luxas @Lion-Wei @kubernetes/sig-cluster-lifecycle-pr-reviews
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Make healthchecks skippable, and check masters only
**What this PR does / why we need it**:
Previously kubeadm would abort if _any_ node was not Ready. This is obviously infeasible in a non-trivial (esp. baremetal) cluster.
This PR makes two changes:
- Allows kubeadm healthchecks to be selectively skipped (made non-fatal) with --ignore-checks-errors.
- Check only that the *master* nodes are Ready.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes kubernetes/kubeadm#539
**Special notes for your reviewer**:
Builds on #56072
**Release note**:
```release-note
kubeadm health checks can also be skipped with `--ignore-checks-errors`
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use kube-proxy ComponentConfig in kubeadm clusters
This change adds configuring the kube-proxy bind address to be an
IPv6 address based on the whether the API server advertise address is IPv6.
It is doing this via the kube-proxy ComponentConfig API now from v1.9
**What this PR does / why we need it**:
This PR sets the bind address for kube-proxy to be a IPv6 address. This is needed for IPv6
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#50927
Fixes https://github.com/kubernetes/kubeadm/issues/527
**Special notes for your reviewer**:
**Release note**:
```release-note
Adds kubeadm support for using ComponentConfig for the kube-proxy
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix controlplane unit tests
What this PR does / why we need it:
when the flexvolumeDirVolumePath is truely existent in the host,
```cmd/kubeadm/app/phases/controlplane``` unit tests will be failed.
Fixes#56189
Release note:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 52049, 56176). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Install kmod instead of module-init-tools in iptables image
**What this PR does / why we need it**: another bit of #52744 that was inadvertently missed.
The debian-iptables image that was pushed already had this fix, but it got lost in rebase, I think.
`module-init-tools` was an alias for `kmod` in debian:jessie, but debian:stretch removed the former.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix failure to load volume plugins for #52048
Currently we have two plugin managers.
However one of them limits the cloud plugins it loads.
This means that if cloud provider is set to external the plugins will
not be loaded in *that* plugin manager. However they will be loaded in
the other instance of the plugin manager. So it does not actually save
us anything. It does hamper the efforts to actually get stage 1
separation working.
**What this PR does / why we need it**: It allows the plugins be found for the cloud providers working on stage 1 separation.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#52048
**Special notes for your reviewer**:
**Release note**:
```release-note NONE
```
Automatic merge from submit-queue (batch tested with PRs 56208, 55690). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Dump last curl output if cluster fails to come up.
**What this PR does / why we need it**:
This is a step toward solving #55686
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 56208, 55690). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm: rename flag to --ignore-preflight-errors
**What this PR does / why we need it**:
Addresses comments in #56072
Improves user experience by using name that is more
descriptive.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixeskubernetes/kubeadm#480
**Special notes for your reviewer**:
/area kubeadm
/sig cluster-lifecycle
/assign @timothysc
**Release note**:
```release-note
NONE
```
This admission plugin puts finalizer to every created PVC. The finalizer is
removed by PVCProtectionController when the PVC is not referenced by any
pods and thus the PVC can be deleted.
Kubernetes Submit Queue