Automatic merge from submit-queue (batch tested with PRs 46094, 48544, 48807, 49102, 44174)
Allow user to pass various gluster volume options when glusterfs volumes are dynamically provisioned.
This patch add new storage class parameter called
`volumeoptions` which can be used to set various volume options.
for eg# if you want to enable encryption on volumes,
the values like `client.ssl on`, `server.ssl on`..etc can be passed
to `volumeoptions` parameter in storageclass.
Issue # https://github.com/kubernetes/kubernetes/issues/28454
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Automatic merge from submit-queue (batch tested with PRs 46094, 48544, 48807, 49102, 44174)
add InstanceID to fake cadvisor (used in Kubemark)
This change is for setting Node.Spec.ProviderID field in Kubemark hollow nodes. It shouldn't affect other tests using cadvisor.Fake as field is nil by default.
cc @gmarek
Automatic merge from submit-queue (batch tested with PRs 46094, 48544, 48807, 49102, 44174)
Static deepcopy – phase 1
This PR is the follow-up of https://github.com/kubernetes/kubernetes/pull/36412, replacing the
dynamic reflection based deepcopy with static DeepCopy+DeepCopyInto methods on API types.
This PR **does not yet** include the code dropping the cloner from the scheme and all the
porting of the calls to scheme.Copy. This will be part of a follow-up "Phase 2" PR.
A couple of the commits will go in first:
- [x] audit: fix deepcopy registration https://github.com/kubernetes/kubernetes/pull/48599
- [x] apimachinery+apiserver: separate test types in their own packages #48601
- [x] client-go: remove TPR example #48604
- [x] apimachinery: remove unneeded GetObjectKind() impls #48608
- [x] sanity check against origin, that OpenShift's types are fine for static deepcopy https://github.com/deads2k/origin/pull/34
TODO **after** review here:
- [x] merge https://github.com/kubernetes/gengo/pull/32 and update vendoring commit
Automatic merge from submit-queue (batch tested with PRs 46094, 48544, 48807, 49102, 44174)
Shared Informer Run blocks until all goroutines finish
**What this PR does / why we need it**:
Makes Shared Informer Run method block until all goroutines it spawned finish. See #45454.
**Which issue this PR fixes**
Fixes#45454
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
amend the comment
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```NONE
`volumeoptions` which can be used to set various volume options.
for eg# if you want to enable encryption on volumes,
the values like `client.ssl on`, `server.ssl on`..etc can be passed
to `volumeoptions` parameter in storageclass.
Issue # https://github.com/kubernetes/kubernetes/issues/28454
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Automatic merge from submit-queue (batch tested with PRs 48333, 48806, 49046)
kubeadm: Split out markmaster to its own phase
**What this PR does / why we need it**:
Splits out related and atomic code into its own phase that can be invokable easily from the CLI.
Makes the code much easier to read by not using recursion and `wait.InfinitePoll` _inside_ of a recursing function, etc.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Fixes: https://github.com/kubernetes/kubeadm/issues/53
Part of this more long-term goal: https://github.com/kubernetes/kubeadm/issues/148
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
@kubernetes/sig-cluster-lifecycle-pr-reviews
Automatic merge from submit-queue (batch tested with PRs 48333, 48806, 49046)
kubeadm: Generate kube-proxy image name in its own pkg
**What this PR does / why we need it**: code cleanup. Control kube-proxy image parameter in DaemonSet template.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
Minor cleanup. Attn @luxas
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48333, 48806, 49046)
use v1.ResourcePods instead of hard coding "pods"
Signed-off-by: sakeven <jc5930@sina.cn>
**What this PR does / why we need it**:
use v1.ResourcePods instead of hard coding 'pods'
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
But under a new path - `/metrics/cadvisor`. This ensures a secure port
still exists for metrics while getting the benefit of separating out
container metrics from the kubelet's metrics.
NsEnterMounter should not stop parsing findmnt output on the first space but
on the last one, just in case the mount point name itself contains a space.
Automatic merge from submit-queue (batch tested with PRs 48983, 49013)
Added comments on not set node network/inode condition to unknown.
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#48982
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 48576, 49010)
adding validations on kube-apiserver audit log options
**What this PR does / why we need it**:
The kube-apiserver does not check the validity of the following audit log options `--audit-log-maxage`, `--audit-log-maxage`, `--audit-log-maxage`. If these options are set to negative numbers, the kube-apiserver will not detect these invalid settings. This PR adds validations on these audit log options.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
`NONE`
Automatic merge from submit-queue (batch tested with PRs 48576, 49010)
make externalAdmissionHookConfigurationManager distinguish API disabled error
The externalAdmissionHookConfigurationManager does not return "DisabledErr" even if the API is disabled, so the GenericWebhook admission controller will not fail open.
The GenericWebhook admission controller is default to off, so the bug is hidden in most cases. To be safe, we should cherrypick it to 1.7.
```release-note
Fix a bug where the GenericWebhook admission plugin does not fail open when the admissionregistration API is disabled
```
Automatic merge from submit-queue
[Scheduler] Remove error since err is always nil
Signed-off-by: sakeven <jc5930@sina.cn>
**What this PR does / why we need it**:
No need to log error since err is always nil.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Jeff Grafton