Automatic merge from submit-queue
add kubectl cp
Implements `kubectl cp` (https://github.com/kubernetes/kubernetes/issues/13776)
Syntax examples:
```sh
# Copy from pod to local machine
$ kubectl cp [namespace/]pod:/some/file/or/dir ./some/local/file/or/dir
# Copy from local machine to pod
$ kubectl cp /some/local/file/or/dir [namespace/]pod:/some/remote/file/or/dir
```
@deads2k @smarterclayton @kubernetes/sig-cli
Automatic merge from submit-queue
Better kubectl run validations
Adds more validations to flags that must be mutually exclusive in `kubectl run`. For example, `--dry-run` must not be used with `--attach`, `--stdin` or `--tty`. Adds unit tests for these new validations and some previously existing ones.
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
NONE
```
Automatic merge from submit-queue
kubeadm: added unit test for app/preflight pkg
Added unit test for kubeadm/app/preflight package testing functionality of checks.go.
This PR is part of the ongoing effort to add tests (#35025)
/cc @pires @jbeda
Automatic merge from submit-queue
[kubeadm] pre-flight check hostname to ensure kubelet can launch static pods li…
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**: pre-flight check hostname to ensure kubelet can launch static pods like kube-apiserver/kube-controller-manager
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
# what is the influence of this issue?
kubelet will not create api server and kcm pod if your hostname is uncorrect. It complain the config files in "/etc/kubernetes/manifests" are invlid.
# how to reproduce this issue?
change your hostname by `hostnamectl set-hostname vm_81_12_centos`. then run `kubeadm init`. you will get this error log from kubelet:
```log
Oct 27 11:12:57 vm_81_12_centos kubelet: I1027 11:12:57.279458 2695 file.go:123] Can't process config file "/etc/kubernetes/manifests/kube-controller-manager.json": invalid pod: [metadata.name: Invalid value: "kube-controller-manager-vm_81_12_centos": must match the regex [a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)* (e.g. 'example.com') spec.nodeName: Invalid value: "vm_81_12_centos": must match the regex [a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)* (e.g. 'example.com')]
```
# where the error comes from in the code?
`pkg/kubelet/config/file.go:144 sourceFile:extractFromDir`
```go
func (s *sourceFile) extractFromDir(name string) ([]*api.Pod, error) {
dirents, err := filepath.Glob(filepath.Join(name, "[^.]*"))
if err != nil {
return nil, fmt.Errorf("glob failed: %v", err)
}
pods := make([]*api.Pod, 0)
if len(dirents) == 0 {
return pods, nil
}
sort.Strings(dirents)
for _, path := range dirents {
statInfo, err := os.Stat(path)
if err != nil {
glog.V(1).Infof("Can't get metadata for %q: %v", path, err)
continue
}
switch {
case statInfo.Mode().IsDir():
glog.V(1).Infof("Not recursing into config path %q", path)
case statInfo.Mode().IsRegular():
pod, err := s.extractFromFile(path)
if err != nil {
--> glog.V(1).Infof("Can't process config file %q: %v", path, err)
} else {
pods = append(pods, pod)
}
default:
glog.V(1).Infof("Config path %q is not a directory or file: %v", path, statInfo.Mode())
}
}
return pods, nil
}
```
# how to fix it?
1. change hostname by `hostnamectl set-hostname <right host name>` or
2. add `hostnameOverride` config. If hostnameOverride is set, then kubelet will use this value instead of system hostname.
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
```
…ke kube-apiserver/kube-controller-manager and so on.
Automatic merge from submit-queue
Kubeadm added unit tests for pkg app/util
Added unit tests for kubeadm/app/util package testing functionality of tokens.go, error.go, and kubeconfig.go.
This PR is part of the ongoing effort to add tests (#35025)
/cc @pires @jbeda
Automatic merge from submit-queue
fixed some issues with kubectl set resources
when using kubectl set resources it resets all resource fields that are not being set.
for example
# kubectl set resources deployments nginx --limits=cpu=100m
followed by
# kubectl set resources deployments nginx --limits=memory=256Mi
would result in the nginx deployment only limiting memory at 256Mi with the previous
limit placed on the cpu being wiped out. This behavior is corrected so that each invocation
only modifies fields set in that command and changed the testing so that the desired behavior
is checked.
Also a typo:
you must specify an update to requests or limits or (in the form of --requests/--limits)
corrected to
you must specify an update to requests or limits (in the form of --requests/--limits)
Implemented both the dry run and local flags.
Added test cases to show that both flags are operating as intended.
Removed the print statement "running in local mode" as in PR#35112
Automatic merge from submit-queue
Remove Job also from .status.active for Replace strategy
When iterating over list of Jobs we're removing each of them when strategy is replace. Unfortunately, the job reference was not removed from `.status.active` which cause the controller trying to remove it once again during next run and failed removing what was already removed during previous run. This was cause by not removing the reference previously. This PR fixes that and cleans logs a bit, in that controller.
@erictune fyi
@janetkuo ptal
Automatic merge from submit-queue
Update drain test
Update how int convert to string in the kubectl drain test.
It is safer to use `strconv.Itoa()` than `string()`.
Automatic merge from submit-queue
Require PV provisioner secrets to match type
In 1.5, PV provisioners are allowing targeting namespaced secrets via storageclass params. This adds a requirement that those secrets' type match the volume provisioner plugin name, to prevent targeting and extraction of arbitrary secrets
Helps limit secret targeting issues mentioned in https://github.com/kubernetes/kubernetes/issues/34822
Automatic merge from submit-queue
Add "PrintErrorWithCauses" cmdutil helper
**Release note**:
```release-note
NONE
```
This patch adds a new helper function to `cmd/util/helpers.go` that
handles errors containing collections of causes and prints each cause in
a separate newline.
Automatic merge from submit-queue
Verify and update client-go staging area for every PR
We need to keep the staging area up-to-date to prevent PRs from breaking client-go.
It's marked as "WIP" because we need to decide the [versioning strategy](https://github.com/kubernetes/client-go/issues/9) for client-go first. This PR contains breaking changes for client-go.
This is blocking #29934 and potentially #34441
cc @kubernetes/sig-api-machinery
Automatic merge from submit-queue
Let release_1_5 clientset include multiple versions of a group
Fix#35237
This PR make versioned clientset to include multiple versions of a group. Currently only `batch` has `v1` and `v2alpha1`. The clientset interface now looks like:
```go
BatchV2alpha1() v2alpha1batch.BatchV2alpha1Interface
BatchV1() v1batch.BatchV1Interface
// Deprecated: please explicitly pick a version if possible.
Batch() v1batch.BatchV1Interface
```
Commit "update client-gen to say internalversion rather than unversioned" fixes https://github.com/kubernetes/kubernetes/issues/24481.
cc @kubernetes/sig-api-machinery @soltysh @deads2k @nikhiljindal
```release-note
release_1_5 clientset supports multiple versions of a group.
```
Automatic merge from submit-queue
Make overlapping deployments deletable
@kubernetes/deployment ptal
Fixes https://github.com/kubernetes/kubernetes/issues/34466 by 1) not adding the overlapping annotation in the working deployment, 2) updates observedGeneration for overlapping deployments, and 3) updates the kubectl deployment reaper to do non-cascading deletion for deployments with the overlapping annotation.
Automatic merge from submit-queue
Convert - to _ for protobuf package names
Convert - to _ for protobuf package names to allow protobuf code generation
support for go packages that have - in their names.
@smarterclayton @deads2k @liggitt @sttts @lavalamp @nikhiljindal @kubernetes/sig-api-machinery
Automatic merge from submit-queue
Add boilerplate to `kubectl completion bash`
**What this PR does / why we need it**:
Small refactor to make kubectl bash and zsh completion share
boilerplate. Previously the boilerplate was not included in the bash
script.
Automatic merge from submit-queue
support editing before creating resource
Support `kubectl create -f config.yaml --edit`
Support editing before creating resource from files, urls and stdin.
The behavior is similar to `kubectl edit`
It won't create anything when edit make no change.
partial: #18064
Based on: #33686 and #33973
```release-note
Support editing before creating resource from files, urls and stdin, e.g. `kubectl create -f config.yaml --edit`
It won't create anything when edit make no change.
```
Automatic merge from submit-queue
convert SA controller to shared informers
convert the SA controller to shared informer + workqueue.
I think one of @derekwaynecarr @ncdc or @liggitt
Automatic merge from submit-queue
Implement streaming CRI methods in dockershim
*NOTE: Temporarily includes commit from https://github.com/kubernetes/kubernetes/pull/35330 - only review the second commit.*
Builds on https://github.com/kubernetes/kubernetes/pull/35330, using the library to implement the streaming methods in various CRI shims.
This does not actually wire up the new streaming methods in the kubelet (that will be my next PR). Once the new methods are wired up, I will delete the `Legacy{Exec,Attach,PortForward}` methods.
/cc @kubernetes/sig-node @feiskyer
Automatic merge from submit-queue
allow authentication through a front-proxy
This allows a front proxy to set a request header and have that be a valid `user.Info` in the authentication chain. To secure this power, a client certificate may be used to confirm the identity of the front proxy
@kubernetes/sig-auth fyi
@erictune per-request
@liggitt you wrote the openshift one, ptal.
Automatic merge from submit-queue
Fix federation-apiserver authentication e2e tests
**What this PR does / why we need it**: Fixes couple of federation e2e tests
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes # partly fixes#35251
Previously, GetEnvParams (now called SetEnvParams) had no way of being altered unless
it was through enviroment variables. These changes allow for a global
EnvParam to be set and also altered while still initally getting their value from
set enviroment variables. This change is especially helpful for testing
(see kubeadm/app/util/kubeconfig_test.go).
Automatic merge from submit-queue
Implement package `triple` with utilities to generate certificate-key pairs for CA, server and clients.
Please review only the last commit here. This is based on PRs #35592 which will be reviewed independently.
Design Doc: PR #34484
cc @kubernetes/sig-cluster-federation @quinton-hoole @mwielgus
Automatic merge from submit-queue
Simplify negotiation in server in preparation for multi version support
This is a pre-factor for #33900 to simplify runtime.NegotiatedSerializer, tighten up a few abstractions that may break when clients can request different client versions, and pave the way for better negotiation.
View this as pure simplification.
Kubernetes Submit Queue