Automatic merge from submit-queue
Add authentication to openapi Spec
We need authentication definition in OpenAPI spec to be able to generate a client with authorization.
Automatic merge from submit-queue
Kubelet getting node from apiserver cache before update.
This is blocked on #35218 (however it's ready for review).
It seems to visibly reduce the apiserver metrics (and I didn't observe higher number of conflicts even in 2000-node kubemark).
Automatic merge from submit-queue
service e2e: remove TODO and subtle changes in logging
Removes the stale `TODO` for external source IP preservation as the e2e test of ESIPP was added.
Changes logging in create service functions: namespace/namespace -> namespace/serviceName.
@bprashanth
Automatic merge from submit-queue
ignore default.etcd directory
When using `hack/install-etcd.sh`, `/default.etcd` is created for the data directory. Add that to `.gitignore`.
```release-note
NONE
```
Automatic merge from submit-queue
proposals: Add Volume Hostpath "type" proposal
This is a continuation of #31384. It's related to #26816 as well.
The discussion in #31384 is worth reading and this proposal largely derives from my comments there.
cc @thockin @pmorie @saad-ali @kubernetes/sig-storage
cc @yujuhong since it talks briefly about kubelet doing more
cc @calebamiles I think we might need a "Feature" for this since it's an api change, though a minor one?
Automatic merge from submit-queue
Create restclient interface
Refactoring of code to allow replace *restclient.RESTClient with any RESTClient implementation that implements restclient.RESTClientInterface interface.
Automatic merge from submit-queue
Eliminate half-baked multi-architecture support
**What this PR does / why we need it**:
We have release `kubeadm` with half-baked support for clusters with nodes of different CPU architectures. The problem with the code as it stand is that user will notice pending daemonsets of `kube-proxy` for machines with architectures that they don't have. At the same time, the code as it stand did not pick up correct images for architectures it wanted to allow. Additionally, it only treated `kube-proxy` in such a way, but didn't do anything about `kube-dns`. This removes multiple daemonesets, but ensures that whichever resources we deploy have node affinity set to the architecture native to the master. Users wishing to use mixed architectures can still create extra daemonsets via the API.
**Which issue this PR fixes**: fixes#33916
**Release note**:
```release-note
Remove support for multi-architecture code in `kubeadm`, which was released untested.
```
Automatic merge from submit-queue
CRI: Handle container/sandbox restarts for pod with RestartPolicy == …
If all sandbox and containers are dead in a pod, and the restart policy is
"Never", kubelet should not try to recreate all of them.
Automatic merge from submit-queue
Deny service ClusterIP update from `None`
**What this PR does / why we need it**: Headless service should not be transformed into a service with ClusterIP, therefore update of this field if it's set to `None` is disallowed.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#33029
**Release note**:
```release-note
Changing service ClusterIP from `None` is not allowed anymore.
```
Automatic merge from submit-queue
add generic shared informer backed by existing informer
Adds the ability to get an informer and lister that returns `[]runtime.Object` methods with the "normal" filtering capabilities based on a `GroupResource`. Right now, it only works on known types (and re-uses those caches for efficiency by having a different skin on the `Index`). It should be extended in the future.
@derekwaynecarr I think this gives you the types you were looking for to avoid the ugly array copies.
Automatic merge from submit-queue
Support resourceVersion in GetToList - unify interface of List and Ge…
This pretty much unifies the interface of List() and GetToList() methods of storage interface.
I'm going to use it in a subsequent PR to improve performance of the whole cluster.
Automatic merge from submit-queue
Return an empty network namespace path for exited infra containers
If the infra container has already terminated, `docker inspect` will report
pid 0. The path constructed using the pid to check the network namespace of
the process will be invalid. This commit changes docker to report an empty
path to stop kubenet from erroring out whenever TearDown is called on an
exited infra container.
This is not a fix for all the plugins, as some plugins may require the actual
network namespace to tear down properly.
Mike Danese