Automatic merge from submit-queue
Add Subresource & Name to webhook authorizer.
Pass through the Subresource and Name fields from the `authorization.Attributes` to the `SubjectAccessReviewSpec.ResourceAttributes`.
Automatic merge from submit-queue
Refactor image related functions to use docker engine-api
ref #23563
Hopes can do some help, cc @Random-Liu
If it's ok, will add more work here.
Automatic merge from submit-queue
rkt: Return `FinishedAt` for pod
This is implemented via touching a file on stop as a hook in the systemd
unit. The ctime of this file is then used to get the `finishedAt` time
in the future.
In addition, this changes the `startedAt` and `createdAt` to use the api
server's results rather than the annotations it previously used.
It's possible we might want to move this into the api in the future.
Fixes#23887
I did the following manual testing:
```
$ cat ./examples/output/exit-output.yml
apiVersion: v1
kind: Pod
metadata:
labels:
name: exit
name: exit-output
spec:
restartPolicy: Never
containers:
- name: exit
image: busybox
command: ["sh", "-c", "echo Exiting in 60; sleep 60; echo goodbye"]
$ kubectl create -f ./examples/exit/exit-output.yaml
$ # wait
$ kubectl describe pod exit-output | grep State -A 4
State: Terminated
Reason: Completed
Exit Code: 0
Started: Tue, 19 Apr 2016 13:23:13 -0700
Finished: Tue, 19 Apr 2016 13:24:13 -0700
$ kubectl logs exit-output
Exiting in 60
goodbye
```
I double checked as well that the file at `/var/lib/kubelet/pods/$id/finished-$id` existed and looked as expected.
This is related to https://github.com/coreos/rkt/issues/1789#issuecomment-207111814 and follows https://github.com/kubernetes/kubernetes/pull/24367 + https://github.com/coreos/rkt/issues/2445
cc @jonboulle @iaguis @yifan-gu @kubernetes/sig-node
Automatic merge from submit-queue
stop changing the root path of the root webservice
We shouldn't mutate the root path of the root webservice (see usage). Just write the path we want.
Automatic merge from submit-queue
update controllers watching all pods to share an informer
This plumbs the shared pod informer through the various controllers to avoid duplicated watches.
Automatic merge from submit-queue
Add node e2e test for mirror pod.
This is a node e2e test for mirror pod.
After this get merged, I'll revisit the mirror pod manager PR. #18638
/cc @yujuhong
Automatic merge from submit-queue
let admission plugins indicate they want nothing
An admission plugin can return `nil, nil` for construction. This is useful for dealing with cases where the `config` passed to you effectively means, "no work". The calling code already handles this.
@derekwaynecarr
Automatic merge from submit-queue
schedulercache: remove bind() from AssumePod
Due to #24197, we make bind() asynchronous and don't need it anymore.
Submit this PR to clean it up.
Automatic merge from submit-queue
Use mCPU as CPU usage unit, add version in PerfData, and fix memory usage bug.
Partially addressed #24436.
This PR:
1) Change the CPU usage unit to "mCPU"
2) Add version in PerfData, and perfdash will only support the newest version now.
3) Fix stupid mistake when calculating the memory usage average.
/cc @vishh
Automatic merge from submit-queue
Enforce --max-pods in kubelet admission; previously was only enforced in scheduler
This is an ugly hack - I spent some time trying to understand what one NodeInfo has in common with the other one, but at some point decided that I just don't have time to do that.
Fixes#24262Fixes#20263
cc @HaiyangDING @lavalamp
Automatic merge from submit-queue
Intial draft on SeedProvider docs
Alsa more documentation. We need to reference the config section in the example docs. There are multiple PRs open in those docs, so at this point I do not want to make a mess.
Let me know if there are docs standard template that will make this more pretty.
Automatic merge from submit-queue
Removing KUBE_API_VERSIONS from our test scripts
We dont need to specify them.
Its an unnecessary extra change that people have to make while adding a group.
We also need this change for ubernetes.
cc @caesarxuchao @jianhuiz
This adds a poll-and-timeout procedure after the pod is
started, to make sure the post-start hooks execute when the
container is actually running.
This is a temporal workaround for implementing post-hooks,
a long term solution is to use lifecycle event to trigger
those hooks, see https://github.com/kubernetes/kubernetes/issues/23084.
Also this fixes a bug of getting container ID for a non-running
container when running pre-stop hook.
This is implemented via touching a file on stop as a hook in the systemd
unit. The ctime of this file is then used to get the `finishedAt` time
in the future.
In addition, this changes the `startedAt` and `createdAt` to use the api
server's results rather than the annotations it previously used.
It's possible we might want to move this into the api in the future.
Fixes#23887
Automatic merge from submit-queue
fix relative working dirctory of KUBE_ROOT
fix relative working dirctory of `KUBE_ROOT`, do not need to change to `KUBE_ROOT` in the first place
Signed-off-by: Crazykev <zcq8989@gmail.com>
Automatic merge from submit-queue
update gb-frontend image. New image includes the change in PR # 23381.
Update to use the gcr.io/google-samples/gb-frontend:v4 image. New image includes the change in https://github.com/kubernetes/kubernetes/pull/23381.
Automatic merge from submit-queue
Disable travis on master.
There's no need for it, and it's blocking merges. Until we've got the munger ignoring travis, this should patch the problem.
ref #24628
Automatic merge from submit-queue
WIP: Proposed new PR release note template.
Initial template proposal - needs work to coexist with labels:
## ATTENTION - Release Note ack required!
Use the below `release-note` block to explain your change. Valid inputs include:
**"title"** - the release note is the title of the PR
**"none"** - No release note needed for this PR
_freeform text_ - Describe your change as a summarized release note
```release-note
...release-note block...
```
Second template proposal - replaces labels:
## ATTENTION - Release Note ack required!
Update the below named `release-note-needed` block to one of:
**\`\`\`release-note**
**\`\`\`release-note-action-required**
**\`\`\`release-note-none**
Then describe your change as a summarized release note within the block.
```release-note-needed
...release-note block...
`line` 2
```
Add tests to watch behavior in both protocols (http and websocket)
against all 3 media types. Adopt the
`application/vnd.kubernetes.protobuf;stream=watch` media type for the
content that comes back from a watch call so that it can be
distinguished from a Status result.
Automatic merge from submit-queue
Default conversion for byte slices is incorrect
Nil slices are getting allocated, which is incorrect and changes
behavior in some cases.
[]byte(nil) -> []byte(nil)
@wojtek-t
Automatic merge from submit-queue
Add timeout to e2e network connectivity checks
Some e2e tests use wget to check connectivity, and the default e2e
timeout is 900s. This change allows the timeout to be specified on a
check-by-check basis. This will also make the check useful for negative
checks (like those used by openshift to validate isolation) since a
short timeout is suggested where connectivity is not expected.
Automatic merge from submit-queue
jenkins: Allow configuration of release bucket
This allows others to leverage the existing E2E code to test some
patched kube binary by simply overriding the bucket and reusing many of
the existing scripts
Wojciech Tyczynski