Automatic merge from submit-queue (batch tested with PRs 42087, 43383, 43622)
move category expansion out of restmapper
RESTMapping isn't related to CategoryExpansion (the bit that expands "all" into items to be RESTMapped). This provides that separation and simplifies the RESTMapper interface.
@kubernetes/sig-cli-pr-reviews
Automatic merge from submit-queue
proxy to IP instead of name, but still use host verification
I think I found a setting that lets us proxy to an IP and still do hostname verification on the certificate.
@liggitt @sttts Can you see if you agree that this knob does what I think it does? Last commit only, still needs tests.
Automatic merge from submit-queue
Add plugin/pkg/scheduler to linted packages
**What this PR does / why we need it**:
Adds plugin/pkg/scheduler to linted packages to improve style correctness.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#41868
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
add proxy client-certs to kube-apiserver to allow it to proxy aggregated api servers
The `kube-apiserver` contains the aggregator for combining API servers and `kubeadm` has the client certificates required for aggregated API servers to trust the authentication info. This wires those bits together.
@luxas
Automatic merge from submit-queue
local-up-cluster.sh should create a default storage class
To make dynamic provisioning working out of the box in local cluster a default
storage class needs to be instantiated.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 43681, 40423, 43562, 43008, 43381)
Changes for removing deadcode in taint_tolerations
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#43007
Automatic merge from submit-queue (batch tested with PRs 43681, 40423, 43562, 43008, 43381)
k8s.io/apiserver: make maxRetryWhenPatchConflicts public
This variable used to be public (before https://github.com/kubernetes/kubernetes/pull/37468). It is pretty use-full to write reliable integration tests that involve resource patching, and it is used in downstream project for that purpose.
Automatic merge from submit-queue (batch tested with PRs 43681, 40423, 43562, 43008, 43381)
Openstack cinder v1/v2/auto API support
**What this PR does / why we need it**:
It adds support for v2 cinder API + autodetection of available cinder API level (as in LBs).
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#39572
**Special notes for your reviewer**:
Based on work by @anguslees. The first two commits are just rebased from https://github.com/kubernetes/kubernetes/pull/36344 which already had a lgtm by @jbeda
**Release note**:
```
Add support for v2 cinder API for openstack cloud provider. By default it autodetects the available version.
```
Automatic merge from submit-queue
added prompt warning if etcd3 media type isn't set during upgrade
**What this PR does / why we need it**:
This adds a prompt confirming the upgrade when `STORAGE_MEDIA_TYPE` is not explicitly set. This is to prevent users from accidentally upgrading to protobuf.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
Alongs with docs, addresses #43669
**Special notes for your reviewer**:
Should be cherrypicked onto `release-1.6`
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 41728, 42231)
Fix docker volume selinux issue
**What this PR does / why we need it**:
**Which issue this PR fixes** * Fixes#42230
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 41728, 42231)
Adding new tests to e2e/vsphere_volume_placement.go
**What this PR does / why we need it**:
Adding new tests to e2e/vsphere_volume_placement.go
Below is the tests description and test steps.
**Test Back-to-back pod creation/deletion with different volume sources on the same worker node**
1. Create volumes - vmdk2, vmdk1 is created in the test setup.
2. Create pod Spec - pod-SpecA with volume path of vmdk1 and NodeSelector set to label assigned to node1.
3. Create pod Spec - pod-SpecB with volume path of vmdk2 and NodeSelector set to label assigned to node1.
4. Create pod-A using pod-SpecA and wait for pod to become ready.
5. Create pod-B using pod-SpecB and wait for POD to become ready.
6. Verify volumes are attached to the node.
7. Create empty file on the volume to make sure volume is accessible. (Perform this step on pod-A and pod-B)
8. Verify file created in step 5 is present on the volume. (perform this step on pod-A and pod-B)
9. Delete pod-A and pod-B
10. Repeatedly (5 times) perform step 4 to 9 and verify associated volume's content is matching.
11. Wait for vmdk1 and vmdk2 to be detached from node.
12. Delete vmdk1 and vmdk2
**Test multiple volumes from different datastore within the same pod**
1. Create volumes - vmdk2 on non default shared datastore.
2. Create pod Spec with volume path of vmdk1 (vmdk1 is created in test setup on default datastore) and vmdk2.
3. Create pod using spec created in step-2 and wait for pod to become ready.
4. Verify both volumes are attached to the node on which pod are created. Write some data to make sure volume are accessible.
5. Delete pod.
6. Wait for vmdk1 and vmdk2 to be detached from node.
7. Create pod using spec created in step-2 and wait for pod to become ready.
8. Verify both volumes are attached to the node on which PODs are created. Verify volume contents are matching with the content written in step 4.
9. Delete POD.
10. Wait for vmdk1 and vmdk2 to be detached from node.
11. Delete vmdk1 and vmdk2
**Test multiple volumes from same datastore within the same pod**
1. Create volumes - vmdk2, vmdk1 is created in testsetup
2. Create pod Spec with volume path of vmdk1 (vmdk1 is created in test setup) and vmdk2.
3. Create pod using spec created in step-2 and wait for pod to become ready.
4. Verify both volumes are attached to the node on which pod are created. Write some data to make sure volume are accessible.
5. Delete pod.
6. Wait for vmdk1 and vmdk2 to be detached from node.
7. Create pod using spec created in step-2 and wait for pod to become ready.
8. Verify both volumes are attached to the node on which PODs are created. Verify volume contents are matching with the content written in step 4.
9. Delete POD.
10. Wait for vmdk1 and vmdk2 to be detached from node.
11. Delete vmdk1 and vmdk2
**Which issue this PR fixes**
fixes #
**Special notes for your reviewer**:
Executed tests against K8S v1.5.3 release
**Release note**:
```release-note
NONE
```
cc: @kerneltime @abrarshivani @BaluDontu @tusharnt @pdhamdhere
Automatic merge from submit-queue
Remove unpaired '}'
**What this PR does / why we need it**:
The sample in examples/persistent-volume-provisioning/README.md had an extra/unpaired '}'.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 43694, 41262, 42911)
Bump go-systemd to v14
**What this PR does / why we need it**: bump go-systemd to the latest release, which includes a build tag fix so non-cgo systems can compile.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**: go-systemd added an option to unset the `NOTIFY_SOCKET` environment variable as part of the execution of `SdNotify`. I have set that to true, which means that child processes (if any) won't have that set. If anyone thinks it should remain set, I'm happy to change it to false - just let me know.
**Release note**:
```release-note
```
cc @smarterclayton @sdodson @deads2k @sttts @lavalamp @caesarxuchao
Automatic merge from submit-queue (batch tested with PRs 42900, 43044, 42896, 43308, 43621)
enable generation
Looks like the deep equals and conversion generation were turned off for sample-apiserver and kube-aggregator. This turns them back on.
@kubernetes/sig-api-machinery-misc
Automatic merge from submit-queue (batch tested with PRs 42900, 43044, 42896, 43308, 43621)
require codecfactory
The genericapiserver requires a codec to start. Help new comers to the API by forcing them to set it when they create a new config.
Automatic merge from submit-queue (batch tested with PRs 42900, 43044, 42896, 43308, 43621)
Convert PrefixWriter to an interface
Convert PrefixWriter to an interface to allow other packages to create instances. This is needed for downstream projects such as OpenShift.
cc @sttts @smarterclayton @oulinbao @deads2k @liggitt @kargakis @soltysh @kubernetes/sig-cli-pr-reviews
Automatic merge from submit-queue
rewire aggregation handling chain to be normal
Uses https://github.com/kubernetes/kubernetes/pull/42886 to allow the aggregator to be "normal" as far as the handling chain goes. This will allow for cleaner composition.
@kubernetes/sig-api-machinery-misc
Automatic merge from submit-queue
remove extra function call
We have read user info from context in previous line. No need to call
this function again.
**Special notes for your reviewer**:
**Release note**:
```NONE
```
Automatic merge from submit-queue
Added failing upgrade if there is more than one master replicas.
Added failing upgrade (on GCE) if there is more than one master replicas. Related to #43688.
```release-note
None
```
Automatic merge from submit-queue
force callers to specify the cert dns names
When generic apiservers were self-signing, they signed for service names they didn't control. This stops them from doing that.
@kubernetes/sig-api-machinery-misc @ncdc
Automatic merge from submit-queue
fix createProvisionedPV result err judgenment bug
When ctrl.kubeClient.Core().PersistentVolumes().Create(volume) returns no err, and storeVolumeUpdate() fails, we save PV sucessfully ,but here err is not nil,we should not run the codes next in block if err != nil {} to delete the storage asset.
same in the deletion retries below
change the err names to make it clear
**Release note**:
```release-note
NONE
```
@jsafrane @saad-ali PTAL. Thanks
Automatic merge from submit-queue
Fix PVC Annotations
annDynamicallyProvisioned is added to PV, while PVC has annStorageProvisioner.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
kubelet: check and enforce minimum docker api version
**What this PR does / why we need it**:
This PR adds enforcing a minimum docker api version (same with what we have do for dockertools).
**Which issue this PR fixes**
Fixes#42696.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
allow combining API servers
Builds on https://github.com/kubernetes/kubernetes/pull/42886 (already lgtm'ed)
We need to be able to chain multiple API servers together so that a fallthrough case from to another results in delegated handling without double wrapping. We also need to be able to combine shared lists like healthz and poststarthooks so that a single API server start will run all the poststarthooks and present a unified view of health. This creates an interface and methods to provide that wiring.
@kubernetes/sig-api-machinery-misc @ncdc
Kubernetes Submit Queue