Commit Graph

22132 Commits (a2f2e1d4918effb4f0994333c7b88086674e4a5b)

Author SHA1 Message Date
Kubernetes Submit Queue 53a5ee7929 Merge pull request #48022 from smarterclayton/more_printers
Automatic merge from submit-queue (batch tested with PRs 48036, 48022)

Move more printers to TablePrinter

Continues work from 1.7
2017-06-26 12:52:45 -07:00
Kubernetes Submit Queue 4fd040afc7 Merge pull request #47647 from humblec/glusterfs-unused-var
Automatic merge from submit-queue (batch tested with PRs 48074, 47971, 48044, 47514, 47647)

Use more meaningful and consistent variable names in glusterfs plugin.
2017-06-26 11:41:01 -07:00
Alexander Campbell 14fc8782f5 cmd/run: use util function to deduplicate logic 2017-06-26 11:17:56 -07:00
Alexander Campbell b693c910f5 cmd/create_deployment: refactor & test long function 2017-06-26 11:17:53 -07:00
Shyam Jeedigunta d354e0bf4f Move iptables logging in kubeproxy from Errorf to V(2).Infof 2017-06-26 19:59:23 +02:00
Chao Xu 229ae59e73 garbage collector controller propagates DeletePropagationForeground
policy if the object doesn't already have finalizers.
2017-06-26 09:53:03 -07:00
Clayton Coleman bdd3116c09
Move more printers to TablePrinter 2017-06-26 11:38:36 -04:00
Jan Safranek b73517d437 Fix lint errors
Removal of io.go revealed new lint errors in pkg/util/io
2017-06-26 16:05:35 +02:00
Jan Safranek c2dc5b5bf1 Move LoadPodFromFile to volume utils
SavePodToFile is not used anywhere and LoadPodFromFile is used only by PV
recycler.
2017-06-26 16:02:43 +02:00
Lucas Käldström e25a5b1546
Remove old node role label that is not used by kubeadm 2017-06-26 14:46:15 +03:00
Shyam Jeedigunta f0fb21e411 Retry service syncs with exponential backoff in endpoints-controller 2017-06-26 13:35:46 +02:00
Kubernetes Submit Queue e28f7b47da Merge pull request #47788 from shyamjvs/resync-period-ep-controller
Automatic merge from submit-queue

Get rid of 30s ResyncPeriod in endpoint controller

Ref: #47597 
This should fix one of the demons of endpoint controller.

/cc @smarterclayton @gmarek
2017-06-26 04:20:12 -07:00
yiqinguo b664a0db3d Add err judgment 2017-06-26 19:04:10 +08:00
devinyan e85d561d1f modify the meassage in kubectl secret command when the envFile path is not an file path 2017-06-26 16:30:43 +08:00
Chao Xu 31d0869f83 revert 45764 2017-06-25 21:41:10 -07:00
Kubernetes Submit Queue 7800b3ffef Merge pull request #47152 from ublubu/cloud-addresses
Automatic merge from submit-queue

kubelet should let cloud-controller-manager set the node addresses

*Before this change:*

1. cloud-controller-manager sets all the addresses for a node.
2. kubelet on that node replaces these addresses with an incomplete set. (i.e. replace InternalIP and Hostname and delete all other addresses--ExternalIP, etc.)

*After this change:*

kubelet doesn't touch its node's addresses when there is an external cloudprovider.

Fixes #47155

```release-note
NONE
```
2017-06-24 09:31:15 -07:00
Kubernetes Submit Queue d9ba19c751 Merge pull request #46468 from alexandercampbell/cleanup-in-kubectl
Automatic merge from submit-queue

Cleanup pkg/kubectl

I was reading through `pkg/kubectl` in preparation for completing https://github.com/kubernetes/kubectl/issues/11 and noticed several opportunities for improvement. This should be easy to review since it's mostly mechanical changes. The only complicated changes are in `addFromEnvFile`, which I refactored into two functions and wrote tests for.

**Release note**:

```release-note
NONE
```
2017-06-24 08:32:09 -07:00
Kubernetes Submit Queue a82c9ac2f2 Merge pull request #48016 from liggitt/api-versions-cache
Automatic merge from submit-queue (batch tested with PRs 47869, 48013, 48016, 48005)

Fix kubectl api-versions caching

xref https://github.com/kubernetes/kubectl/issues/41

The point of the `api-versions` and `version` commands is to ask the server for its API groups or versions, so we don't want to use cached data
2017-06-24 06:13:44 -07:00
Kubernetes Submit Queue beb5b9dd4d Merge pull request #47869 from timothysc/affinity_cleanup
Automatic merge from submit-queue

Removes alpha feature gate for affinity annotations.  

**What this PR does / why we need it**:
In 1.5 we added a backstop to support alpha affinity annotations.  This PR removes that support in favor of the Beta fields per discussions.  

It also serves as a precursor to some of the component config work that @ncdc has done around @mikedanese design proposal.  

xref: https://github.com/kubernetes/kubernetes/pull/41617 

**Special notes for your reviewer**:

**Release note**:

```
Removes alpha feature gate for pod affinity annotations.  
```

/cc @kubernetes/sig-scheduling-pr-reviews @kubernetes/sig-cluster-lifecycle-misc
2017-06-24 06:11:42 -07:00
Kubernetes Submit Queue bb886cd6b2 Merge pull request #47650 from jianzhangbjz/enable-logging-conversions
Automatic merge from submit-queue

fixed the logging of which conversions.

Hi Guys,

After enable the function of logging of which conversions at [TestSpecificKind](d31a7cb301/pkg/api/serialization_test.go (L140)), I got the below errors:
```
pkg/api/serialization_test.go:140: cannot refer to unexported name api.scheme
pkg/api/serialization_test.go:140: undefined: api.scheme in api.scheme.Log
ok  	k8s.io/kubernetes/cmd/genutils	0.066s
```
So, this PR will fix that.
2017-06-24 05:05:32 -07:00
Kubernetes Submit Queue 7dfa61a2d9 Merge pull request #47947 from zouyee/opa
Automatic merge from submit-queue (batch tested with PRs 47776, 46220, 46878, 47942, 47947)

fix comment mistake

fix comment mistake


**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
```
2017-06-24 04:15:55 -07:00
Kubernetes Submit Queue e22215d38e Merge pull request #47942 from zouyee/op
Automatic merge from submit-queue (batch tested with PRs 47776, 46220, 46878, 47942, 47947)

update openstack metadata-service url

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
```
2017-06-24 04:15:54 -07:00
Kubernetes Submit Queue ff108258bb Merge pull request #46220 from superbrothers/add-statefulset
Automatic merge from submit-queue (batch tested with PRs 47776, 46220, 46878, 47942, 47947)

Add statefulset to the completion candidates of kubectl scale

**What this PR does / why we need it**: This commit adds `statefulset` to the completion candidates of kubectl scale.
```
$ kubectl scale <tab>
deployment             job                    --replicas             replicaset             replicationcontroller  statefulset
```

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes kubernetes/kubectl#14

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-06-24 04:15:50 -07:00
Kubernetes Submit Queue 714f97d7ba Merge pull request #47740 from liggitt/websocket-protocol
Automatic merge from submit-queue

Add token authentication method for websocket browser clients

Closes #47967

Browser clients do not have the ability to set an `Authorization` header programatically on websocket requests. All they have control over is the URL and the websocket subprotocols sent (see https://developer.mozilla.org/en-US/docs/Web/API/WebSocket)

This PR adds support for specifying a bearer token via a websocket subprotocol, with the format `base64url.bearer.authorization.k8s.io.<encoded-token>`

1. The client must specify at least one other subprotocol, since the server must echo a selected subprotocol back
2. `<encoded-token>` is `base64url-without-padding(token)`

This enables web consoles to use websocket-based APIs (like watch, exec, logs, etc) using bearer token authentication.

For example, to authenticate with the bearer token `mytoken`, the client could do:
```js
var ws = new WebSocket(
  "wss://<server>/api/v1/namespaces/myns/pods/mypod/logs?follow=true",
  [
    "base64url.bearer.authorization.k8s.io.bXl0b2tlbg",
    "base64.binary.k8s.io"
  ]
);
```

This results in the following headers:
```
Sec-WebSocket-Protocol: base64url.bearer.authorization.k8s.io.bXl0b2tlbg, base64.binary.k8s.io
```

Which this authenticator would recognize as the token `mytoken`, and if authentication succeeded, hand off to the rest of the API server with the headers
```
Sec-WebSocket-Protocol: base64.binary.k8s.io
```

Base64-encoding the token is required, since bearer tokens can contain characters a websocket protocol may not (`/` and `=`)

```release-note
Websocket requests may now authenticate to the API server by passing a bearer token in a websocket subprotocol of the form `base64url.bearer.authorization.k8s.io.<base64url-encoded-bearer-token>`
```
2017-06-24 00:34:41 -07:00
Kubernetes Submit Queue 8dabdf7081 Merge pull request #46955 from zjj2wry/nodecontroller_matrics
Automatic merge from submit-queue

Fix const naming in node/metrics

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-06-23 22:22:16 -07:00
Jordan Liggitt fe8b5e9263
Fix kubectl api-versions caching 2017-06-24 01:14:31 -04:00
Kubernetes Submit Queue ed3c50a755 Merge pull request #47845 from liggitt/remove-redirect
Automatic merge from submit-queue (batch tested with PRs 47993, 47892, 47591, 47469, 47845)

Remove redirect verb parsing

The redirect verb was removed pre-1.0 in https://github.com/kubernetes/kubernetes/pull/9826 so the request parsing logic is dead code

Diff best viewed without whitespace:
https://github.com/kubernetes/kubernetes/pull/47845/files?w=1
2017-06-23 18:05:52 -07:00
Kubernetes Submit Queue 68a05ac74b Merge pull request #47469 from crimsonfaith91/created
Automatic merge from submit-queue (batch tested with PRs 47993, 47892, 47591, 47469, 47845)

deprecate created-by annotation for cronjob

**What this PR does / why we need it**: This PR deprecates created-by annotation for cronjob. This is needed as we now have ControllerRef.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: xref #44407

**Special notes for your reviewer**: I will create 3 PRs to fix the issue as the annotation is used in various parts of the codebase: cronjob, pod drain, and e2e test framework. This is the first PR. Other PRs can be found here: #47471, #47475

**Release note**:

```release-note
```
2017-06-23 18:05:51 -07:00
Kubernetes Submit Queue 3f6fda974f Merge pull request #47591 from CaoShuFeng/string_trim
Automatic merge from submit-queue (batch tested with PRs 47993, 47892, 47591, 47469, 47845)

Only do string trim when it's necessary

This will enhance performance a little bit.
**Release note**:

```
NONE
```
2017-06-23 18:05:49 -07:00
Kubernetes Submit Queue e554dd6d3d Merge pull request #45805 from weiwei04/ceph-imageformat-2
Automatic merge from submit-queue

storageclass ceph add imageformat parameter

**What this PR does / why we need it**:
Add a imageformat parameter for StorageClass(ceph rbd)

k8s hard coded ceph imageformat 1, according to [ceph manual](http://docs.ceph.com/docs/master/man/8/rbd/), imageformat 1 was deprecated, we should add an extra ceph parameter to set ceph rbd imageformat. Ceph rbd imageformat can only be 1 or 2, set the default value to 1.

**Release note**:
```release-note
Allow StorageClass Ceph RBD to specify image format and image features.
```
2017-06-23 16:43:37 -07:00
Zihong Zheng baca8a1490 Pipe clusterID into gce_loadbalancer_external.go 2017-06-23 15:54:04 -07:00
Antoine Pelisse 224dba9a13 openapi: Fetch protobuf rather than Json
This is much faster.
2017-06-23 13:50:50 -07:00
Kubernetes Submit Queue 830c1b06b1 Merge pull request #43062 from mkumatag/genfed
Automatic merge from submit-queue

Enhance message in cluster-info dump

**What this PR does / why we need it**:
This PR fixes the information message prints in the end after the cluster-info dump command.
- Added newline in the end
- Enhanced the message for dumping information to standard out

**Which issue this PR fixes** *

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-06-23 12:30:25 -07:00
Jun Xiang Tee ae4df9f573 deprecate created-by annotation for cronjob 2017-06-23 11:05:40 -07:00
Alexander Campbell ac793982b0 kubectl: fix inaccurate usage messages for --windows-line-endings
Part of the problem is that these are duplicated between the different
commands. I'm planning to consolidate these further.
2017-06-23 09:49:30 -07:00
Alexander Campbell 63e9c67db8 kubectl: refactor addFromEnvFile, write tests 2017-06-23 09:49:30 -07:00
Alexander Campbell 7b54199fd5 kubectl: note a bug with a comment
This doesn't seem to be affecting anything and I'm not sure what the
correct behavior needs to be here. I'll highlight this in the code
review and hopefully work out a correct solution with the help of the
reviewers.
2017-06-23 09:49:30 -07:00
Alexander Campbell ef9ae61240 kubectl: simplify code with help of linter 2017-06-23 09:49:30 -07:00
Alexander Campbell 01ae6edc6c cmd: refactor common err expr into helper function
The same redundant fmt.Sprintf() and string literal was duplicated
throughout many of the files in kubectl/cmd. Replace with a helper
function.
2017-06-23 09:49:30 -07:00
Alexander Campbell 066dbb7206 cmd: make createDeployment a private function 2017-06-23 09:49:30 -07:00
Alexander Campbell f9913c4948 kubectl: rewrite docstrings in several files
Fixing inaccuracies and clarifying in the case of ambiguities.
2017-06-23 09:49:30 -07:00
Alexander Campbell d29560d89a kubectl: rename Run() -> RunRun() to clarify purpose
Run() is too overloaded in the codebase already. The other commands have
a pattern of RunExpose, RunScale, and so on. Since the command name is
"run", the associated function should be called RunRun.
2017-06-23 09:49:30 -07:00
Kubernetes Submit Queue 72cb080c87 Merge pull request #46181 from FengyunPan/ignore-LBnotfound
Automatic merge from submit-queue

Ignore ErrNotFound when delete LB resources

IsNotFound error is fine since that means the object is
deleted already, so let's check it before return error.
2017-06-23 09:35:11 -07:00
FengyunPan b9c1848fbd Fix output extra comma
When running 'kubectl get service', I get a extra comma in result:
'EXTERNAL-IP:,172.16.0.12', but except: 'EXTERNAL-IP:172.16.0.12'.
2017-06-24 00:10:33 +08:00
FengyunPan a97a9f9dd5 Display <none> for clusterIP and port when service is ExternalName 2017-06-23 23:55:08 +08:00
Humble Chirammal 5f91b02a61 detach getClusterNodes() func from provisioner method.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2017-06-23 21:18:07 +05:30
Hasanat Kazmi b4c9314520 removed 'Storage' option from 'kubectl top' like options 2017-06-23 08:34:53 -07:00
Kubernetes Submit Queue d95a8bf66b Merge pull request #47783 from NickrenREN/containerruntime
Automatic merge from submit-queue (batch tested with PRs 47694, 47772, 47783, 47803, 47673)

Make different container runtimes constant

Make different container runtimes constant to avoid hardcode

**Release note**:

```release-note
NONE
```
2017-06-23 08:29:28 -07:00
Kubernetes Submit Queue 6a047dd71d Merge pull request #47772 from jianglingxia/jlx620
Automatic merge from submit-queue (batch tested with PRs 47694, 47772, 47783, 47803, 47673)

delete the for loops that done nothing

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
```
2017-06-23 08:29:26 -07:00
Kubernetes Submit Queue ae9ca46927 Merge pull request #47694 from FengyunPan/display-service-type
Automatic merge from submit-queue (batch tested with PRs 47694, 47772, 47783, 47803, 47673)

Output TYPE for getting service

**What this PR does / why we need it**:
Now service already supported 4 ServiceTypes, ServiceTypes is
friendly to distinguish services, so outputing service type better
when running 'kubectl get service'.

**Release note**:
```release-note
  NONE
```
2017-06-23 08:29:23 -07:00
Timothy St. Clair 4aea626944 Removes alpha feature gate for affinity annotations. Beta fields should be used. 2017-06-23 10:02:14 -05:00
Kubernetes Submit Queue 8679677e87 Merge pull request #47579 from wanghaoran1988/fix_43322
Automatic merge from submit-queue (batch tested with PRs 47958, 46261, 46667, 47709, 47579)

Clean up Deployment overlap annotation code

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #43322

**Special notes for your reviewer**:

**Release note**:

```
None
```
2017-06-23 07:21:36 -07:00
Kubernetes Submit Queue 76103db5e4 Merge pull request #47709 from krmayankk/ss
Automatic merge from submit-queue (batch tested with PRs 47958, 46261, 46667, 47709, 47579)

use appsv1beta1 for statefulsets

**What this PR does / why we need it**:


**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
fixes https://github.com/kubernetes/kubernetes/issues/46922
2017-06-23 07:21:33 -07:00
Kubernetes Submit Queue d84dedd1ac Merge pull request #46667 from zhangxiaoyu-zidif/delete-meaningless-check
Automatic merge from submit-queue (batch tested with PRs 47958, 46261, 46667, 47709, 47579)

Delete meaningless err check

**What this PR does / why we need it**:
Delete meaningless err check
We don't need to care about err check. In cited function, if err is not nil, I return t.Errorf directly.
So it does not matter that whether data is nil or err is nil.

**Release note**:

```release-note\
NONE
```
2017-06-23 07:21:31 -07:00
Kubernetes Submit Queue 4d9522f854 Merge pull request #46261 from verb/pod-tshoot-feature-gate-1
Automatic merge from submit-queue (batch tested with PRs 47958, 46261, 46667, 47709, 47579)

Add a feature gate for Debug Containers

**What this PR does / why we need it**: Adds a feature gate for Debug Containers feature proposed in kubernetes/community#649. This feature requires changes to the kubelet, apiserver and kubectl which can be decoupled except for the gate.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-06-23 07:21:28 -07:00
Robert Rati d6a5175c05 Use %q formatter for error messages from the AWS SDK. #47789 2017-06-23 10:02:21 -04:00
Humble Chirammal a41e1c52ef Add annotation constants to glusterfs plugin.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2017-06-23 19:03:07 +05:30
Kubernetes Submit Queue 60126b0ceb Merge pull request #47471 from crimsonfaith91/drain
Automatic merge from submit-queue (batch tested with PRs 46151, 47602, 47507, 46203, 47471)

deprecate created-by annotation for pod drain

**What this PR does / why we need it**: This PR deprecates created-by annotation for pod drain. This is required as we now have ControllerRef.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: xref #44407

**Special notes for your reviewer**: This is the second PR for deprecating created-by annotation. Other PRs can be found here: https://github.com/kubernetes/kubernetes/pull/47469 , #47475 

**Release note**:

```release-note
```
2017-06-23 05:08:30 -07:00
Kubernetes Submit Queue 1864a2403c Merge pull request #46151 from verb/kubectl-featuregate
Automatic merge from submit-queue

Add alpha command to kubectl

Also allow new commands to disable themselves by returning a nil value. This can be used to disable commands based on feature gates.

**What this PR does / why we need it**: Method of enabling alpha functionality in kubectl

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: ref #45922

**Special notes for your reviewer**: Part of a discussion in #45922 with @pwittrock

**Release note**:

```release-note
NONE
```
2017-06-23 05:00:35 -07:00
Cosmin Cojocar 0235cb9e3c Fix dependencies order after rebase 2017-06-23 13:20:10 +02:00
Kubernetes Submit Queue aaa5b2b642 Merge pull request #47575 from justinsb/fix_36902
Automatic merge from submit-queue (batch tested with PRs 47915, 47856, 44086, 47575, 47475)

AWS: Fix suspicious loop comparing permissions

Because we only ever call it with a single UserId/GroupId, this would
not have been a problem in practice, but this fixes the code.

Fix #36902 

```release-note
NONE
```
2017-06-23 04:06:25 -07:00
Kubernetes Submit Queue b1ac562918 Merge pull request #44086 from NickrenREN/sc-type
Automatic merge from submit-queue (batch tested with PRs 47915, 47856, 44086, 47575, 47475)

Change second StorageClass Column to provisioner

Some provisioners have key-value pairs in parameters map which key is type, here TYPE in StorageClass columns may be confused.
https://kubernetes.io/docs/concepts/storage/persistent-volumes/#storageclasses

**Release note**:

```release-note
NONE
```
2017-06-23 04:06:23 -07:00
Kubernetes Submit Queue fcfbfecdfd Merge pull request #47856 from mikedanese/bootstrap-resume
Automatic merge from submit-queue (batch tested with PRs 47915, 47856, 44086, 47575, 47475)

kubelet should resume csr bootstrap

Right now the kubelet creates a new csr object with the same key every
time it restarts during the bootstrap process. It should resume with the
old csr object if it exists. To do this the name of the csr object must
be stable.

Issue https://github.com/kubernetes/kubernetes/issues/47855
2017-06-23 04:06:20 -07:00
Cosmin Cojocar fcdceb2e50 Add the pcks12 package to the build of Azure cloud provider 2017-06-23 12:19:56 +02:00
Cosmin Cojocar 2c8ec115db Fix tests after rebasing 2017-06-23 12:17:17 +02:00
Cosmin Cojocar 5462d06ce3 Add client cert authentication for Azure cloud provider 2017-06-23 12:17:17 +02:00
Kubernetes Submit Queue 8ba08c9528 Merge pull request #46906 from zhangxiaoyu-zidif/Add-testcase-for-namespace
Automatic merge from submit-queue (batch tested with PRs 47403, 46646, 46906, 46527, 46792)

Add test case for namespace

**What this PR does / why we need it**:
Unit test case need add that when name is "".

**Special notes for your reviewer**:
refer to https://github.com/kubernetes/kubernetes/blob/master/pkg/kubectl/namespace.go#L74

**Release note**:

```release-note
NONE
```
2017-06-23 02:59:27 -07:00
Kubernetes Submit Queue 4a1d95ef57 Merge pull request #46646 from rickypai/rpai/add_container_runtime_version_to_node_wide_printer
Automatic merge from submit-queue (batch tested with PRs 47403, 46646, 46906, 46527, 46792)

add ContainerRuntimeVersion to `kubectl get nodes -o=wide` output

**What this PR does / why we need it**: adds container runtime version to `kubectl get nodes -o=wide` output as a way to surface more node-level information

When upgrading to a new container runtime version (docker 1.11 -> docker 1.12) or when experimenting with a different container runtime version (experimenting with rkt in a docker cluster), it's useful for cluster operators to see which nodes are running which container runtime version. `kubectl get nodes -o=wide` already provides kernel and OS version, and I believe adding container runtime version would be good.

**Release note**:
```release-note
container runtime version has been added to the output of `kubectl get nodes -o=wide` as `CONTAINER-RUNTIME`
```
2017-06-23 02:59:25 -07:00
Kubernetes Submit Queue 4db120cc04 Merge pull request #46688 from zhangxiaoyu-zidif/change-method-kubectl-configmap
Automatic merge from submit-queue

Fix error message of isDir

**What this PR does / why we need it**:
Use IsRegular to replace isDir
Accoding to the code logic, using IsRegular is proper.
 
**Release note**:

```release-note
NONE
```
2017-06-23 01:58:14 -07:00
Kubernetes Submit Queue 475f175e68 Merge pull request #46495 from zjj2wry/pdb
Automatic merge from submit-queue

add test for kubectl create pdb

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-06-23 01:00:17 -07:00
Kubernetes Submit Queue 625a980941 Merge pull request #46696 from xiangpengzhao/mark-deprecated-command
Automatic merge from submit-queue (batch tested with PRs 47227, 47119, 46280, 47414, 46696)

Mark deprecated info in short description of deprecated commands.

**What this PR does / why we need it**:
Mark deprecated commands in 'kubectl help'. See https://github.com/kubernetes/kubectl/issues/20

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes https://github.com/kubernetes/kubectl/issues/20

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-06-22 23:59:28 -07:00
Kubernetes Submit Queue 3adb6c630b Merge pull request #47414 from karataliu/wincri5.devwin
Automatic merge from submit-queue (batch tested with PRs 47227, 47119, 46280, 47414, 46696)

Move seccomp helper methods and tests to platform-specific files.

**What this PR does / why we need it**:
Seccomp helper methods are for linux only, move them to linux-specific helper file.

As discussed in https://github.com/kubernetes/kubernetes/pull/46744

**Which issue this PR fixes** 

**Special notes for your reviewer**:

**Release note**:
2017-06-22 23:59:26 -07:00
Kubernetes Submit Queue c76c145d37 Merge pull request #46280 from zjj2wry/print-rs
Automatic merge from submit-queue (batch tested with PRs 47227, 47119, 46280, 47414, 46696)

Improve code coverage for pkg/printer

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-06-22 23:59:21 -07:00
Kubernetes Submit Queue 508e298153 Merge pull request #47119 from zjj2wry/cccc
Automatic merge from submit-queue (batch tested with PRs 47227, 47119, 46280, 47414, 46696)

controller: fix error message

**What this PR does / why we need it**:
just fix error typo, think you :)

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-06-22 23:59:19 -07:00
zouyee 5e56e5294a fix comment mistake 2017-06-23 14:06:46 +08:00
Kubernetes Submit Queue 18362beb0d Merge pull request #42254 from justinsb/volumes_dont_leak_nodestatusupdateneeded
Automatic merge from submit-queue

volumes: SetNodeStatusUpdateNeeded on error

If an error happened during the UpdateNodeStatuses loop, there were some
code paths where we would not call SetNodeStatusUpdateNeeded, leaking
the state.  Add it to all paths by adding a function.

Part of #40583

```release-note
NONE
```
2017-06-22 21:43:04 -07:00
Kubernetes Submit Queue be0b045072 Merge pull request #47401 from justinsb/fix_39374
Automatic merge from submit-queue (batch tested with PRs 47922, 47195, 47241, 47095, 47401)

AWS: Set CredentialsChainVerboseErrors

This avoids a rather confusing error message.

Fix #39374

```release-note
NONE
```
2017-06-22 21:33:34 -07:00
Kubernetes Submit Queue 62b801ef91 Merge pull request #47241 from NickrenREN/cephfs-loglevel
Automatic merge from submit-queue (batch tested with PRs 47922, 47195, 47241, 47095, 47401)

Change cephfs secret related logs level

Fixes: #45387
**Release note**:

```release-note
NONE
```

/cc @rootfs
2017-06-22 21:33:29 -07:00
Kubernetes Submit Queue 467705be00 Merge pull request #47195 from dims/bind-cadvisor-on-kubelet-interface
Automatic merge from submit-queue (batch tested with PRs 47922, 47195, 47241, 47095, 47401)

Run cAdvisor on the same interface as kubelet

**What this PR does / why we need it**:

cAdvisor currently binds to all interfaces. Currently the only
solution is to use iptables to block access to the port. We
are better off making cAdvisor to bind to the interface that
kubelet uses for better security.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

Fixes #11710

**Special notes for your reviewer**:

**Release note**:

```release-note
cAdvisor binds only to the interface that kubelet is running on instead of all interfaces.
```
2017-06-22 21:33:27 -07:00
allencloud f98bc7d454 fix CopyStrings and ShuffleStrings for slice when slice is nil
Signed-off-by: allencloud <allen.sun@daocloud.io>
2017-06-23 11:47:13 +08:00
zouyee 39552417fe update openstack metadata-service url 2017-06-23 10:50:20 +08:00
Dong Liu 4df4ea2bea Move seccomp helper methods and tests to platform-specific files. 2017-06-23 09:49:06 +08:00
allencloud 25881fe30e fix nits in kubelet server
Signed-off-by: allencloud <allen.sun@daocloud.io>
2017-06-23 08:21:09 +08:00
Kubernetes Submit Queue dd126ae19c Merge pull request #38431 from NickrenREN/newVolumeMgr-return
Automatic merge from submit-queue

Modify NewVolumeManager() function return value
2017-06-22 16:43:29 -07:00
Mike Danese 627c414c1b kubelet should resume csr bootstrap
Right now the kubelet creates a new csr object with the same key every
time it restarts during the bootstrap process. It should resume with the
old csr object if it exists. To do this the name of the csr object must
be stable. Also using a list watch here eliminates a race condition
where a watch event is missed and the kubelet stalls.
2017-06-22 23:45:15 +02:00
Chao Xu 60604f8818 run hack/update-all 2017-06-22 11:31:03 -07:00
Chao Xu 239613b521 manually fix kubectl openapi unit test 2017-06-22 11:31:02 -07:00
Chao Xu 945593d4de manually fix unit tests 2017-06-22 11:30:59 -07:00
Chao Xu f2d3220a11 run root-rewrite-import-client-go-api-types 2017-06-22 11:30:59 -07:00
Chao Xu dca135d5f7 run ./remove-original-proto.sh to remove the old proto 2017-06-22 11:30:58 -07:00
Chao Xu e185f7e277 run hack/update-codegen.sh 2017-06-22 11:30:58 -07:00
Chao Xu 985535fe9a manually remove pkg/client/listers/policy/v1alpha1 2017-06-22 11:30:58 -07:00
Chao Xu 48134bc02a manually fix unit tests in pkg/api/v1
more manually fix pkg/api/v1 unit tests

change ImportPrefix

manually fix pkg/api unit tests
2017-06-22 11:30:52 -07:00
Chao Xu cde4772928 run ./root-rewrite-all-other-apis.sh, then run make all, pkg/... compiles 2017-06-22 11:30:52 -07:00
Chao Xu cd7e7afaaa run pkg/apis/make-origin-dir-compile, pkg/apis compile 2017-06-22 11:30:51 -07:00
Chao Xu 4fb28dafad pkg/apis/move-external-types-for-apis.sh, k8s.io/api compiles 2017-06-22 11:30:51 -07:00
Chao Xu 94e8bb6261 unify register.go formats:
networking/v1/register.go
staging/src/k8s.io/kube-apiextensions-server/pkg/apis/apiextensions/v1alpha1/register.go
staging/src/k8s.io/metrics/pkg/apis/custom_metrics/v1alpha1/register.go
staging/src/k8s.io/metrics/pkg/apis/metrics/v1alpha1 register.go
2017-06-22 11:30:51 -07:00
Chao Xu bad65b4c95 Don't revert, necessary change to make helpers to include k8s.io/api
Don't revert, change boundingdirs in Makefile for deepcopy-gen

manually fix pkg/client/clientset_generated/clientset/typed/core/v1/pod_expansion.go because external policy types are moved now
2017-06-22 11:30:43 -07:00
Chao Xu 800eb07b27 revert before merge? remove a dependency from pkg/apis/componentconfig to clientset, probably we should fix it later. i removed the dependency to test if pkg/apis compile 2017-06-22 10:27:42 -07:00
Chao Xu f4989a45a5 run root-rewrite-v1-..., compile 2017-06-22 10:25:57 -07:00
Chao Xu 9f5f4ba729 run pkg/api/v1/rewrite....sh, pkg/api/v1 (not including subdir) compile 2017-06-22 10:25:12 -07:00
Chao Xu 58edb6b485 split v1/register.go to regsiter.go and builder.go
move api/v1 to k8s.io/api/v1
duplicate some global variables/functions in pkg/api/v1/builder.go, add todo to remove these
2017-06-22 10:21:42 -07:00
Kubernetes Submit Queue a8968810fd Merge pull request #47380 from kevin-wangzefeng/pod-tolerations-with-no-value
Automatic merge from submit-queue

hide operator when describe pod with empty value tolerations

**What this PR does / why we need it**:
The tolerations printing in `kubectl descirbe pod` is not correct when toleration.value is empty, this PR is to fix it.

Before: 
```
Tolerations:	node.alpha.kubernetes.io/notReady=:Exists:NoExecute for 300s
		node.alpha.kubernetes.io/unreachable=:Exists:NoExecute for 300s
```
After:
```
Tolerations:	node.alpha.kubernetes.io/notReady:NoExecute for 300s
		node.alpha.kubernetes.io/unreachable:NoExecute for 300s
```

Also updated tests to cover all possible cases of describing pod with tolerations. See changes in of `TestDescribePodTolerations()` in `describe_test.go`

**Which issue this PR fixes**:

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-06-22 08:02:29 -07:00
yiqinguo d170b0ca80 Add type conversion judgment 2017-06-22 20:17:28 +08:00
Kubernetes Submit Queue 4d1379c473 Merge pull request #47512 from rickypai/rpai/fix_hostalias_json_key
Automatic merge from submit-queue (batch tested with PRs 42252, 42251, 42249, 47512, 47887)

fix HostAliases' json keys to be hostAlias instead of hostMapping to reflect actual feature name

**What this PR does / why we need it**: a rename was introduce during the middle of #44641 to change from `hostMappings` to `hostAliases`. the Go structs were updated, but I neglected to update the json keys. They should be in sync.

**Special notes for your reviewer**:  I messed up. This is an API change. I hope this is still ok to be in the 1.7 release.

**Release note**:
```release-note
HostAliases is now parsed with `hostAliases` json keys to be in line with the feature's name.
```
2017-06-21 22:13:33 -07:00
Kubernetes Submit Queue d0a2beb1e7 Merge pull request #42249 from justinsb/volumes_logging
Automatic merge from submit-queue (batch tested with PRs 42252, 42251, 42249, 47512, 47887)

volumes: Add logging when removing node fails

Part of #40583

```release-note
NONE
```
2017-06-21 22:13:30 -07:00
Kubernetes Submit Queue b795ec7de0 Merge pull request #42251 from justinsb/simplify_append
Automatic merge from submit-queue (batch tested with PRs 42252, 42251, 42249, 47512, 47887)

volumes: simplify append-to-slice code

Minor simplification - can append to empty/nil slice.

Part of #40583

```release-note
NONE
```
2017-06-21 22:13:27 -07:00
Kubernetes Submit Queue bebe346d5f Merge pull request #42252 from justinsb/volumes_raise_loglevels
Automatic merge from submit-queue (batch tested with PRs 42252, 42251, 42249, 47512, 47887)

volumes: promote some logs from info -> warning

Part of #40583

```release-note
NONE
```
2017-06-21 22:13:24 -07:00
Kubernetes Submit Queue d021db8204 Merge pull request #47503 from chakri-nelluri/flexcap
Automatic merge from submit-queue (batch tested with PRs 47878, 47503, 47857)

Remove controller node plugin driver dependency for non-attachable fl…

…ex volume drivers (Ex: NFS).

**What this PR does / why we need it**:
Removes requirement to install flex volume drivers on master node for non-attachable drivers likes NFS.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #47109


```release-note
Fixes issue w/Flex volume, introduced in 1.6.0, where drivers without an attacher would fail (node indefinitely waiting for attach). Drivers that don't implement attach should return `attach: false` on `init`.
```
2017-06-21 21:12:15 -07:00
Cao Shufeng 4ee6b42a4d Fix invalid filename in kubelet log
Fixes: https://github.com/kubernetes/kubernetes/issues/47641
2017-06-22 09:45:21 +08:00
Ricky Pai 797dc10a0c generated code 2017-06-21 16:39:50 -07:00
Ricky Pai 62c7e4df69 fix patchMergyKey to ip instead of IP 2017-06-21 15:31:54 -07:00
Ricky Pai 35f9a047f5 update HostAliases' json keys to be hostAlias instead of hostMapping 2017-06-21 15:31:47 -07:00
Koonwah Chen 65b2f71ee7 Add ApiEndpoint support to GCE config. 2017-06-21 15:27:10 -07:00
Kubernetes Submit Queue 03014f486c Merge pull request #47824 from mbohlool/revert2
Automatic merge from submit-queue (batch tested with PRs 47851, 47824, 47858, 46099)

Revert 44714 manually

#44714 broke backward compatibility for old swagger spec that kubectl still uses. The decision on #47448 was to revert this change but the change was not automatically revertible. Here I semi-manually remove all references to UnixUserID and UnixGroupID and updated generated files accordingly.

Please wait for tests to pass then review that as there may still be tests that are failing.

Fixes #47448

Adding release note just because the original PR has a release note. If possible, we should remove both release notes as they cancel each other.

**Release note**: (removed by caesarxuchao)

UnixUserID and UnixGroupID is reverted back as int64 to keep backward compatibility.
2017-06-21 15:21:14 -07:00
Kubernetes Submit Queue 5d30190b3b Merge pull request #47851 from jhorwit2/jah/revert-psp-hostpath-whitelist
Automatic merge from submit-queue (batch tested with PRs 47851, 47824, 47858, 46099)

Revert "Merge pull request #43946 from jhorwit2/jah/host-path-psp"

fixes #47863

This reverts commit b5eadb5d6b, reversing
changes made to 1889d654f5.



**What this PR does / why we need it**:

Revert whitelist host paths in psp due to API concerns. Please refer to https://github.com/kubernetes/kubernetes/pull/47811 for the concerns.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

cc @liggitt @ericchiang @smarterclayton 

**Release note**:

```release-note
```
2017-06-21 15:21:11 -07:00
Kubernetes Submit Queue 2f4df7ffa6 Merge pull request #47819 from verult/AlphaStorageStatus
Automatic merge from submit-queue (batch tested with PRs 34515, 47236, 46694, 47819, 47792)

Adding alpha feature gate to node statuses from local storage capacity isolation.

**What this PR does / why we need it**: The Capacity.storage node attribute should not be exposed since it's part of an alpha feature. Added an feature gate.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #47809 

There should be a test for new statuses in the alpha feature. Will include in a different PR.
2017-06-21 13:30:17 -07:00
Kubernetes Submit Queue 1184ce869a Merge pull request #47236 from dixudx/not_allow_backsteps_in_local_volume
Automatic merge from submit-queue (batch tested with PRs 34515, 47236, 46694, 47819, 47792)

not allow backsteps in local volume plugin

**Which issue this PR fixes** : fixes #47207

**Special notes for your reviewer**:
cc @msau42 @ddysher
Just follow @liggitt [commented](https://github.com/kubernetes/kubernetes/issues/47107#issuecomment-306831175).

**Release note**:
```release-note
NONE
```
2017-06-21 13:30:09 -07:00
Kubernetes Submit Queue 0a6d307700 Merge pull request #34515 from jimengliu/master
Automatic merge from submit-queue (batch tested with PRs 34515, 47236, 46694, 47819, 47792)

remove unused constant

**What this PR does / why we need it**:

In flexvolume constant definitions, fix typo StatusFailure string to "Failure", not "Failed" at 

b359034817/pkg/volume/flexvolume/flexvolume_util.go (L45)

**Which issue this PR fixes** _(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)_: fixes #
#34510

**Special notes for your reviewer**:
Simple string literal change, but hopefully will prevent future confusion for developers.
2017-06-21 13:30:04 -07:00
Kubernetes Submit Queue 0f0e017ade Merge pull request #45473 from karataliu/AzureInternalLoadBalancerE2E
Automatic merge from submit-queue

Add E2E tests for Azure internal loadbalancer support, fix an issue for public IP resource deletion.

**What this PR does / why we need it**:

- Add E2E tests for Azure internal loadbalancer support: https://github.com/kubernetes/kubernetes/pull/43510
- Fix an issue that public IP resource not get deleted when switching from external loadbalancer to internal static loadbalancer.

**Special notes for your reviewer**:

1.  Add new Azure resource tag to Public IP resources to indicate kubernetes managed resources.
   Currently we determine whether the public IP resource should be deleted by looking at LoadBalancerIp property on spec. In the scenario 'Switching from external loadbalancer to internal loadbalancer with static IP', that value might have been updated for internal loadbalancer. So here we're to add an explicit tag for kubernetes managed resources.

2. Merge cleanupPublicIP logic into cleanupLoadBalancer

**Release note**:
NONE

CC @brendandburns @colemickens
2017-06-21 11:41:22 -07:00
Dan Williams 5100925a90 dockershim: checkpoint HostNetwork property
To ensure kubelet doesn't attempt network teardown on HostNetwork
containers that no longer exist but are still checkpointed, make
sure we preserve the HostNetwork property in checkpoints.  If
the checkpoint indicates the container was a HostNetwork one,
don't tear down the network since that would fail anyway.

Related: https://github.com/kubernetes/kubernetes/issues/44307#issuecomment-299548609
2017-06-21 13:10:47 -05:00
Josh Horwitz b6e08ec39d Revert "Merge pull request #43946 from jhorwit2/jah/host-path-psp"
This reverts commit b5eadb5d6b, reversing
changes made to 1889d654f5.
2017-06-21 12:45:22 -04:00
Jordan Liggitt e8b24679dc
Remove redirect verb parsing 2017-06-21 11:17:24 -04:00
Kubernetes Submit Queue 3ea93b2753 Merge pull request #47822 from liggitt/secret-storage-config
Automatic merge from submit-queue

Separate serviceaccount and secret storage config

Fixes #47815, and is required in order to enable the secret encryption feature with a recommended configuration

This passes distinct storage options for serviceaccounts and secrets, since secrets can now have an encrypting transformer associated with them
2017-06-21 08:01:37 -07:00
Paul Tyng a990e60193 Set default User-Agent on http probe
If unspecified in probe definition, User-Agent will be set to
`kube-probe/<version major.minor>` on httpGet probe types
instead of the default Go User-Agent.
2017-06-21 10:50:33 -04:00
Jordan Liggitt 6a872c09eb
Use websocket protocol authenticator in apiserver 2017-06-21 09:47:34 -04:00
mbohlool 70c4fe7f4f update generated files 2017-06-21 04:09:08 -07:00
mbohlool c91a12d205 Remove all references to types.UnixUserID and types.UnixGroupID 2017-06-21 04:09:07 -07:00
yiqinguo 867790faa3 Remove repeat type conversions 2017-06-21 15:15:22 +08:00
Seth Jennings 9fcc25d1ed don't pass CRI error through to waiting state reason 2017-06-20 23:34:08 -05:00
Jordan Liggitt 3de8e52c8a
Separate serviceaccount and secret storage config 2017-06-20 23:49:10 -04:00
Kubernetes Submit Queue 8316bbc14c Merge pull request #47818 from Random-Liu/change-cri-package-name
Automatic merge from submit-queue (batch tested with PRs 45268, 47573, 47632, 47818)

Change CRI package name to runtime.

Fixes https://github.com/kubernetes/kubernetes/issues/47814.

@yujuhong @feiskyer /cc @kubernetes/sig-node-bugs
2017-06-20 18:19:02 -07:00
Kubernetes Submit Queue 7f7c29ad03 Merge pull request #47573 from k82cn/k8s_47571
Automatic merge from submit-queue (batch tested with PRs 45268, 47573, 47632, 47818)

Fixed statefulset PVC's capacity in kubectl description.

**What this PR does / why we need it**:
We should use object instead of pointer for `String()`.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #47571 

**Release note**:

```release-note-none
Fix VolumeClaims/capacity in "kubectl describe statefulsets" output.
```
2017-06-20 18:18:56 -07:00
Kubernetes Submit Queue 1499b6bddc Merge pull request #45268 from redbaron/aws-elb-attach-sgs
Automatic merge from submit-queue

New annotation to add existing Security Groups to ELBs created by AWS cloudprovider

**What this PR does / why we need it**:
When K8S cluster is deployed in existing VPC there might be a need to attach extra SecurityGroups to ELB created by AWS cloudprovider. Example of it can be cases, where such Security Groups are maintained by another team.

**Special notes for your reviewer**:
For tests to pass depends on https://github.com/kubernetes/kubernetes/pull/45168  and therefore includes it

**Release note**:
```release-note
New 'service.beta.kubernetes.io/aws-load-balancer-extra-security-groups' Service annotation to specify extra Security Groups to be added to ELB created by AWS cloudprovider
```
2017-06-20 18:06:29 -07:00
Cheng Xing de3bf36b61 Fixing node statuses related to local storage capacity isolation.
- Wrapping all node statuses from local storage capacity isolation under an alpha feature check. Currently there should not be any storage statuses.
- Replaced all "storage" statuses with "storage.kubernetes.io/scratch". "storage" should never be exposed as a status.
2017-06-20 17:34:59 -07:00
Kubernetes Submit Queue 5780cd06d1 Merge pull request #47572 from justinsb/fix_47524
Automatic merge from submit-queue

AWS: Remove blackhole routes in our managed range

Blackhole routes otherwise acccumulate unboundedly.  We also are careful
to ensure that we do so only within the managed range, which requires
enlisting the help of the routecontroller.

Fix #47524

```release-note
AWS: clean up blackhole routes when using kubenet
```
2017-06-20 17:00:30 -07:00
Random-Liu d779e9c956 Change CRI package name to runtime. 2017-06-20 15:43:11 -07:00
Kubernetes Submit Queue 2df2247a82 Merge pull request #42250 from justinsb/volumes_getnodeandvolume_comment
Automatic merge from submit-queue

volumes: add comment on getNodeAndVolume

Add comments on getNodeAndVolume to explain the code - it is a little
subtle, and it confused me on first reading.

Part of #40583

```release-note
NONE
```
2017-06-20 15:07:47 -07:00
Shyam Jeedigunta 97fdc0582c Get rid of 30s ResyncPeriod in endpoint controller 2017-06-20 17:05:47 +02:00
NickrenREN 6de7e3f3dc Make different container runtimes constant 2017-06-20 19:58:39 +08:00
Humble Chirammal 8cb70cd0e6 Use more meaningful and consistent variable names in glusterfs plugin.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2017-06-20 11:12:47 +05:30
jianglingxia 8e07664914 delete the for loops that done nothing 2017-06-20 11:20:30 +08:00
Kubernetes Submit Queue 9395db4186 Merge pull request #46909 from derekwaynecarr/fix-env-var-validation
Automatic merge from submit-queue (batch tested with PRs 47726, 47693, 46909, 46812)

pod spec was not validating envFrom

**What this PR does / why we need it**:
adds missing validation for envFrom in a pod.spec.containers.envFrom
fixes validation of pod.spec.containers.env.configMapRef.name
fixes validation of pod.spec.containers.env.secretRef.name

**Which issue this PR fixes** 
Fixes https://github.com/kubernetes/kubernetes/issues/46908
2017-06-19 18:34:03 -07:00
Kubernetes Submit Queue 6dbe0b3b33 Merge pull request #47693 from kow3ns/sts-e2e
Automatic merge from submit-queue (batch tested with PRs 47726, 47693, 46909, 46812)

Additional e2e for StatefulSet Update

**What this PR does / why we need it**:
This PR adds additional e2e tests for StatefulSet update

fixes: #46942

```release-note
NONE
```
2017-06-19 18:34:01 -07:00
Kubernetes Submit Queue 5e6355ca9d Merge pull request #47726 from rootfs/revert-45528
Automatic merge from submit-queue (batch tested with PRs 47726, 47693, 46909, 46812)

manually revert #45528

**What this PR does / why we need it**:
Revert #45528
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #47657

**Special notes for your reviewer**:
@humblec @liggitt @saad-ali @kubernetes/kubernetes-release-managers 
**Release note**:

```release-note
NONE
```
2017-06-19 18:33:59 -07:00
Kubernetes Submit Queue cfdbc9c028 Merge pull request #46731 from rmmh/test-only-once
Automatic merge from submit-queue

Don't rerun certificate manager tests 1000 times.

**What this PR does / why we need it**:
Running every testcase 1000 times needlessly bloats the logs.

**Release note**:
```release-note
NONE
```
2017-06-19 17:13:06 -07:00
Kubernetes Submit Queue 6b52d8f138 Merge pull request #47701 from smarterclayton/stable_serialization
Automatic merge from submit-queue (batch tested with PRs 47669, 40284, 47356, 47458, 47701)

Serialized protobuf should have stable map order

Leverage `stable_marshaller_all` tag in gogo-protobuf to ensure all of our maps have stable ordering when serialized to protobuf. This preserves the behavior from JSON that we rely on to avoid writing to etcd except when the content has changed.

Will slightly increase allocations (1 slice per non-empty map in an object) during Encode, which has a minor impact on CPU. However, avoiding writes when a client issues a blind put results in significantly less CPU across the whole cluster (avoiding a new etcd version for an Endpoints object might save ~1 core/sec on large clusters).

Fixes #47678 

```release-note
The protobuf serialization of API objects has been updated to store maps in a predictable order to ensure that the representation of that object does not change when saved into etcd. This prevents the same object from being seen as being modified, even when no values have changed.
```
2017-06-19 15:25:06 -07:00
Kubernetes Submit Queue a73bf4e917 Merge pull request #40284 from chentao1596/sliceutils-unittest
Automatic merge from submit-queue (batch tested with PRs 47669, 40284, 47356, 47458, 47701)

add unit test cases for kubelet.util.sliceutils

What this PR does / why we need it:
I have not found any unit test case for this file, so i do it, thank you!

Fixes #47001
2017-06-19 15:24:59 -07:00
Huamin Chen 14c94fad2b manually revert #45528
Signed-off-by: Huamin Chen <hchen@redhat.com>
2017-06-19 17:57:37 +00:00
Kenneth Owens 45eeaab715 Fixes a bug where RollingUpdateStrategy combined with Parallel pod management allows for more than one Pod to be unready during update. We want this behavior during turn up and turn down but not during update. Otherwise we risk violating reasonable disruption budgets. 2017-06-19 06:53:46 -07:00
Mayank Kumar 5ee1831fa9 use appsv1beta1 for statefulsets and controller
history
2017-06-18 02:16:47 -07:00
FengyunPan f01f9a9035 Output TYPE for getting service
Now service already supported 4 ServiceTypes, ServiceTypes is
friendly to distinguish services, so outputing service type better
when running 'kubectl get service'.
2017-06-18 12:19:57 +08:00
Clayton Coleman 606825eea4
generated: protobuf with stable map ordering 2017-06-17 14:32:51 -04:00
Chakravarthy Nelluri 894b9b2add Remove controller node plugin driver dependency for non-attachable flex volume drivers (Ex: NFS). 2017-06-17 14:12:43 -04:00
NickrenREN 312cd1bbe6 Modify NewVolumeManager() function return value
Since function NewVolumeManager() will always return vm and nil, we do not need the second return value, it will always be nil.
2017-06-17 23:33:12 +08:00
Di Xu aa23ed53c2 not allow backsteps in local volume plugin 2017-06-17 14:37:34 +08:00
Kubernetes Submit Queue a57c33bd28 Merge pull request #47690 from caesarxuchao/disable-alpha-by-default
Automatic merge from submit-queue

Turn off the alpha features by default

Fix https://github.com/kubernetes/kubernetes/issues/47687.

@liggitt @sttts do you know if it's intentional to turn on rbac v1alpha1?

```release-note
The following alpha API groups were unintentionally enabled by default in previous releases, and will no longer be enabled by default in v1.8:
rbac.authorization.k8s.io/v1alpha1
settings.k8s.io/v1alpha1
If you wish to continue using them in v1.8, please enable them explicitly using the `--runtime-config` flag of the apiserver (for example, `--runtime-config="rbac.authorization.k8s.io/v1alpha1,settings.k8s.io/v1alpha1"`)
```
2017-06-16 22:29:22 -07:00
Chao Xu 68eb89a9f1 remove the alpha features 2017-06-16 20:12:45 -07:00
Kubernetes Submit Queue 098e1df3b6 Merge pull request #47290 from jhorwit2/jah/hostpath-psp-backstep-check
Automatic merge from submit-queue (batch tested with PRs 47626, 47674, 47683, 47290, 47688)

validate host paths on the kubelet for backsteps

**What this PR does / why we need it**:

This PR adds validation on the kubelet to ensure the host path does not contain backsteps that could allow the volume to escape the PSP's allowed host paths. Currently, there is validation done at in API server; however, that does not account for mismatch of OS's on the kubelet vs api server. 

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #47107

**Special notes for your reviewer**:

cc @liggitt

**Release note**:


```release-note
Paths containing backsteps (for example, "../bar") are no longer allowed in hostPath volume paths, or in volumeMount subpaths
```
2017-06-16 19:57:01 -07:00
Kubernetes Submit Queue fdc6746818 Merge pull request #46382 from verult/FlexVolumeMinorPatches
Automatic merge from submit-queue (batch tested with PRs 38751, 44282, 46382, 47603, 47606)

Adding 'flexvolume' prefix to FlexVolume plugin names.

**What this PR does / why we need it**: Adds a prefix to FlexVolume plugin names in order to more easily identify plugins as FlexVolume. Improves debugging.

**Special notes for your reviewer**: Unfortunately the delimiter after 'flexvolume' is restricted to either '-' or '.' . This makes the prefix seem like it's part of the vendor name. Not sure if this could cause issues later on.

**Release note**:

```release-note
NONE
```
2017-06-16 18:05:51 -07:00
Kubernetes Submit Queue 48d263d3bf Merge pull request #44282 from derekwaynecarr/fix-kubectl-logs
Automatic merge from submit-queue (batch tested with PRs 38751, 44282, 46382, 47603, 47606)

kubectl logs with label selector supports specifying a container name

**What this PR does / why we need it**:
Allows `kubectl logs` to take both a label selector and container name.  This allows me to fetch logs from pods by selector whose pods have multiple containers with a common name.  This is a common action when debugging components like the service-catalog that ship more than one container in their pod.  With this change, the following command lets me get logs for service-catalog.

```
$ kubectl logs -l app=sc-catalog-apiserver --namespace=service-catalog --container=apiserver
```
2017-06-16 18:05:48 -07:00
Kubernetes Submit Queue 9054e70ca3 Merge pull request #38751 from chenchun/warn
Automatic merge from submit-queue

Raise a warning instead of info if br-netfilter is missing or unset

Took quite a while to figure out why service VIP is unreachable on my cluster. It turns out br-nf-call-iptables is unset. I wish this message could be a warning to attract considerable attention.
2017-06-16 17:25:32 -07:00
Dawn Chen cd08baa2c7 Merge pull request #47631 from bowei/fix-47379
Fix hardcoded CIDR in the validation_test
2017-06-16 14:39:20 -07:00
Josh Horwitz 48b3fb84ab do not allow backsteps in host volume plugin
Fixes #47107
2017-06-16 16:48:24 -04:00
Jun Xiang Tee d76b08d154 deprecate created-by annotation for pod drain 2017-06-16 13:33:26 -07:00
Kubernetes Submit Queue ad4d965711 Merge pull request #46961 from zjj2wry/api_describe
Automatic merge from submit-queue

Fix api description

**What this PR does / why we need it**:
prefered ->  preferred
the the ->  the

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-06-16 12:19:08 -07:00
Kubernetes Submit Queue 464831e240 Merge pull request #47557 from janetkuo/hash-label-rename
Automatic merge from submit-queue (batch tested with PRs 46884, 47557)

Rename DaemonSet and StatefulSet hash label

**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #47554

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```

/assign @kow3ns 
/cc @bgrant0607 
@kubernetes/sig-apps-api-reviews
2017-06-16 11:34:01 -07:00
Yecheng Fu 4e5e9ca0cd Only `layering` RBD image format 2 feature should be supported for now. 2017-06-16 18:07:03 +00:00
Yecheng Fu 0c7cdf773b Add `imageFeatures` parameter for RBD volume plugin, which is used to
customize RBD image format 2 features.
Update RBD docs in examples/persistent-volume-provisioning/README.md.
2017-06-16 18:07:03 +00:00
Wei Wei 2632bdd5e0 storageclass ceph add imageformat parameter 2017-06-16 18:07:03 +00:00
Jacob Simpson 334de1cbe1 Auto approve kubelet certificate signing requests. 2017-06-16 08:47:12 -07:00
Kubernetes Submit Queue c31893978b Merge pull request #45918 from juanvallejo/jvallejo/fix-kubectl-set-resources-local
Automatic merge from submit-queue

fix --local flag for kubectl commands

Fixes https://github.com/kubernetes/kubernetes/issues/47079

**Release note**:
```release-note
NONE
```

Fixes the `--local` flag for `kubectl set ...` sub-commands.
**As of the 1.7 release**, `PrinterForCommand` was updated to [use a mapper and typer for unstructured objects](https://github.com/kubernetes/kubernetes/blob/master/pkg/kubectl/cmd/util/factory_builder.go#L52), which further prevented the use of `--local` when there was no connection to an api server.


**before** (with no connection to a server)
```
$ kubectl set resources -f pod.json --limits=cpu=200m,memory=512Mi --local
error: unable to connect to a server to handle "pods": Get https://10.13.137.149:8443/api: dial tcp 10.13.137.149:8443: getsockopt: connection refused
```

**after** (with no connection to a server)
```
$ kubectl set resources -f pod.json --limits=cpu=200m,memory=512Mi --local
NAME              READY     STATUS    RESTARTS   AGE
mypod   0/1                 0          <unknown>
```

cc @smarterclayton @fabianofranz
2017-06-16 08:19:13 -07:00
Jian Zhang d31a7cb301 fixed the logging of which conversions. 2017-06-16 12:28:23 +00:00
Jan Safranek b28790a63b Speed up attach/detach controller integration tests
Internal attach/detach controller timers should be configurable and tests
should use much shorter values.

reconcilerSyncDuration is deliberately left out of TimerConfig because it's
the only one that's not a constant one, it's configurable by user.
2017-06-16 12:15:04 +02:00
Lee Verberne 01c7d129fb Create a kubectl alpha subcommand
Alpha commands can be added under `kubectl alpha` and are always
accessible (regardless of feature gates). If no alpha commands have been
defined then `alpha` is not displayed in `help`.
2017-06-16 07:09:21 +00:00
Haoran Wang f732e4baae Clean up Deployment overlap annotation code 2017-06-16 14:20:44 +08:00
Bowei Du 1ed4afca80 Fix hardcoded CIDR in the validation_test
The ideal fix is to not hardcode these values.

fixes #47479
2017-06-15 22:15:56 -07:00
Kubernetes Submit Queue 7831a5426f Merge pull request #47605 from brendandburns/container
Automatic merge from submit-queue (batch tested with PRs 47562, 47605)

Change Container permissions to Private for provisioned Azure Volumes

@rootfs @philips #47611
2017-06-15 21:54:30 -07:00
Kubernetes Submit Queue 06e8e0c877 Merge pull request #47410 from justinsb/fix_45050
Automatic merge from submit-queue (batch tested with PRs 47451, 47410, 47598, 47616, 47473)

AWS: Cache instances for ELB to avoid #45050

We maintain a cache of all instances, and we invalidate the cache
whenever we see a new instance.  For ELBs that should be sufficient,
because our usage is limited to instance ids and security groups, which
should not change.

Fix #45050

```release-note
AWS: Maintain a cache of all instances, to fix problem with > 200 nodes with ELBs
```
2017-06-15 19:52:07 -07:00
Kubernetes Submit Queue 509bf69a2d Merge pull request #47612 from freehan/hostport-bug-fix
Automatic merge from submit-queue (batch tested with PRs 47523, 47438, 47550, 47450, 47612)

append KUBE-HOSTPORTS to system chains instead of prepend

Bug fix for conflicting iptables rules between hostport and kube-proxy
2017-06-15 18:54:08 -07:00
Kubernetes Submit Queue a36d9df224 Merge pull request #47450 from kargakis/fix-drain
Automatic merge from submit-queue (batch tested with PRs 47523, 47438, 47550, 47450, 47612)

Ignore 404s on evict

One of our upgrades failed with 
```
error: error when evicting pod \"boo-2-deploy\": pods \"boo-2-deploy\" not found"
```

@derekwaynecarr since you already fixed half of it 

cc: @kubernetes/sig-cli-bugs 

I failed terribly at adding a unit test mostly because draining involves discovery for the eviction API and the fake client stuff for discovery are far from functional - will spawn a separate issue about it.

fyi @jupierce

related: https://github.com/kubernetes/kubectl/issues/28
2017-06-15 18:54:06 -07:00
Brendan Burns f07ac3efc6 Change Container permissions to Private. 2017-06-16 01:40:10 +00:00
Janet Kuo 25a67fc5cd Rename DaemonSet and StatefulSet hash label
Make them share the same hash label "controller-revision-hash", for
consistency
2017-06-15 18:04:27 -07:00
Mitsuhiro Tanino 285ac8935f iSCSi plugin: Remove redundant nil check 2017-06-15 18:00:29 -04:00
Minhan Xia e6add2072b append KUBE-HOSTPORTS to system chains instead of prepend 2017-06-15 12:06:46 -07:00
Justin Santa Barbara 737607ba6b AWS: Fix suspicious loop comparing permissions
Because we only ever call it with a single UserId/GroupId, this would
not have been a problem in practice, but this fixes the code.

Fix #36902
2017-06-15 09:20:41 -04:00
Cao Shufeng fbcbb77fc8 Only do string trim when it's necessary
This will enhance performance a little bit.
2017-06-15 17:32:31 +08:00
Kubernetes Submit Queue 562e721ece Merge pull request #47462 from derekwaynecarr/strip-container-id-events
Automatic merge from submit-queue

Strip container id from events

**What this PR does / why we need it**:
reduces spam events from kubelet in bad pod scenarios

**Which issue this PR fixes**:
relates to https://github.com/kubernetes/kubernetes/issues/47366

**Special notes for your reviewer**:
pods in permanent failure states created unique events

**Release note**:
```release-note
None
```
2017-06-14 23:26:01 -07:00
Kubernetes Submit Queue 23aafdabba Merge pull request #47491 from derekwaynecarr/fix-image-name-validation
Automatic merge from submit-queue

image name must not have leading or trailing whitespace

**What this PR does / why we need it**:
verifies that an image name can not have leading or trailing whitespace

**Which issue this PR fixes**
fixes https://github.com/kubernetes/kubernetes/issues/47490

**Special notes for your reviewer**:
i was surprised we had not caught this, so if there is an image spec that says leading and trailing whitespace is a good thing, i am open to correction.

i was made aware of downstream users of validate pod template spec that used " " as a special token.  as a result, i only do the validation of image name " " in the `Pod` only.

**Release note**:
```release-note
NONE
```
2017-06-14 22:31:58 -07:00
Kubernetes Submit Queue 289de0ee14 Merge pull request #45764 from krmayankk/depl-del-rs
Automatic merge from submit-queue (batch tested with PRs 47492, 47542, 46800, 47545, 45764)

delete dependent pods for rs when deleting deployments

Fix #44046, where user reported that the garbage collector didn't delete pods when a deployment was deleted with PropagationPolicy=Background.
2017-06-14 21:43:48 -07:00
Kubernetes Submit Queue 08c705e875 Merge pull request #46800 from deads2k/agg-33-priority
Automatic merge from submit-queue (batch tested with PRs 47492, 47542, 46800, 47545, 45764)

separate group and version priority

Fixes https://github.com/kubernetes/kubernetes/issues/46322


This just modifies the API and does the minimal plumbing.  I can extend this pull or do another to fix the priority problem.
2017-06-14 21:43:44 -07:00
Kubernetes Submit Queue 8cbf3a33d4 Merge pull request #47542 from enisoc/tpr-watch
Automatic merge from submit-queue (batch tested with PRs 47492, 47542, 46800, 47545, 45764)

Fix TPR watches.

Fixes #47027

TPR watch has been broken since #44350.
2017-06-14 21:43:41 -07:00
Klaus Ma d3efbfcd33 Fixed PVC's capacity in description. 2017-06-15 11:56:46 +08:00
Justin Santa Barbara 3d2b71b78f AWS: Maintain a cache of all instances for ELB
We maintain a cache of all instances, and we invalidate the cache
whenever we see a new instance.  For ELBs that should be sufficient,
because our usage is limited to instance ids and security groups, which
should not change.

Fix #45050
2017-06-14 23:39:18 -04:00
Kubernetes Submit Queue 877308bbe5 Merge pull request #47521 from squeed/release-1.7
Automatic merge from submit-queue (batch tested with PRs 47510, 47516, 47482, 47521, 47537)

cni: Don't try and map ports with an unset HostPort

The CNI Host function GetPodPortMappings also includes unmapped ports (this is apparently by design). This is normal, and the CNI network plugin invoker should not attempt to map these ports.

This matches the functionality in the kubenet hostport mapper.

Fixes: #47529
2017-06-14 20:32:49 -07:00
Kubernetes Submit Queue 8e4ec18adf Merge pull request #47516 from gnufied/fix-filter-limit-aws
Automatic merge from submit-queue (batch tested with PRs 47510, 47516, 47482, 47521, 47537)

Batch AWS getInstancesByNodeNames calls with FilterNodeLimit

We are going to limit the getInstancesByNodeNames call with a batch
size of 150.

Fixes - #47271

```release-note
AWS: Batch DescribeInstance calls with nodeNames to 150 limit, to stay within AWS filter limits.
```
2017-06-14 20:32:45 -07:00
Justin Santa Barbara 11f8886f12 AWS: Remove blackhole routes in our managed range
Blackhole routes otherwise acccumulate unboundedly.  We also are careful
to ensure that we do so only within the managed range, which requires
enlisting the help of the routecontroller.

Fix #47524
2017-06-14 23:02:55 -04:00
Dong Liu f8ae27db57 Add E2E tests for Azure internal loadbalancer support, fix an issue for public IP resource deletion. 2017-06-15 10:52:18 +08:00
Kubernetes Submit Queue eb26aa5553 Merge pull request #47400 from chakri-nelluri/fixgetvolumename
Automatic merge from submit-queue (batch tested with PRs 47204, 46808, 47432, 47400, 47099)

Remove broken getvolumename and pass PV or volume name to attach call

Cherry-picking https://github.com/kubernetes/kubernetes/pull/46249 to master

What this PR does / why we need it:
Flex getvolumename is broken in 1.6. It needs to be fixed comprehensively in 1.7 release. Removing the api in 1.6. Also pass PV or volume name to the driver during attach call. Detach uses PV or volume name, so plugin can use that information to map to PV.
Which issue this PR fixes (optional, in fixes #(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged): fixes #
Fixes - #44737
2017-06-14 17:14:06 -07:00
Kubernetes Submit Queue 2939837923 Merge pull request #46808 from caesarxuchao/make-daniels-pr-dynamic
Automatic merge from submit-queue (batch tested with PRs 47204, 46808, 47432, 47400, 47099)

Make the generic webhook admission controller use the dynamic webhook config manager

Based on #46672 and #46388.

Only the last commit is unique.

* removed `SetWebhookSource` from the PluginInitializer
* implemented `SetExternalClientset` for the generic webhook admisson controller, initializing an ExternalWebhookConfigurationManager in the method.
2017-06-14 17:13:56 -07:00