Automatic merge from submit-queue (batch tested with PRs 63152, 63253). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
make dynamic client slightly easier to use and add fakes
Tweaks the dynamic client to make it more "normal" for resources to namespaces. Adds a fake dynamic client.
@kubernetes/sig-api-machinery-pr-reviews
/assign @hzxuzhonghu
/assign @sttts
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubectl should not have a direct code dependency on controllers
The dependency linkage brings in the scheduler and a lot of unrelated
code. Instead, selectively copy methods that operate on public APIs.
@liggitt
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
scheduler: clean up and simplify equivalence cache locking
**What this PR does / why we need it**:
This is a cleanup of the locking code for equivalence cache. There is no change to the current logic or locking. This PR has a couple of implications, though.
1. It deletes (unreachable) code that could have been used to cache predicate results that consider nominated pods.
2. Callers should no longer lock/unlock the eCache manually, so coordinating that lock with other synchronization is restricted.
**Special notes for your reviewer**:
**Release note**:
<!-- Write your release note:
1. Enter your extended release note in the below block. If the PR requires additional action from users switching to the new release, include the string "**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
action required".
2. If no release note is required, just write "NONE".
-->
```release-note
NONE
```
/sig scheduling
/kind cleanup
Automatic merge from submit-queue (batch tested with PRs 55971, 63307). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Revert "fixtodo:validate events on PVCs in integration volume binding test"
This reverts commit 910fd1953e.
Events are not a reliable message bus... they throttle, deduplicate, and drop events over fairly conservative rate limit targets.
This commit caused test flakes, so reverting.
Fixes#63302
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 58474, 60034, 62101, 63198). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove Factory from more Run commands
/assign @juanvallejo
**Release note**:
-->
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 58474, 60034, 62101, 63198). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix wrong usage of kubelet option
**What this PR does / why we need it**:
"--allow-privileged true" is incorrect usage of boolean option.
It means setting '--allow-priviledged' to its default value plus
non-existing subcommand 'true'.
"--allow-privileged false" is even more confusing as it sets
allow-priviledged flag to its default value 'true'
This is true for any boolean command line option.
Fixed this by using correct syntax --allow-priviledged=true
**Special notes for your reviewer**:
This is a show-stopper for PR #61833
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 58474, 60034, 62101, 63198). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
avoid race condition in device manager and plugin startup/shutdown: wait for goroutines
**What this PR does / why we need it**:
Commit 1325c2f worked around issue #59488, but it is still worthwhile to fix the underlying root cause properly.
**Which issue(s) this PR fixes**:
Fixes#59488
**Special notes for your reviewer**:
This is an alternative to PR #59861, which used a different approach. Personally I tend to prefer this one now.
**Release note**:
```release-note
NONE
```
/sig node
/area hw-accelerators
/assign vikaschoudhary16
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
apiserver: change default reconciler to LeaseEndpoint
**What this PR does / why we need it**:
Graduates the lease-endpoint-reconciler flag to beta, and defaults the endpoint reconciler to LeaseEndpoint instead of MasterCount.
- [x] Default Lease Endpoint Reconciler to on
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#57617
**Special notes for your reviewer**:
**Release note**:
```release-note
kube-apiserver: `--endpoint-reconciler-type` now defaults to `lease`. The `master-count` reconciler is deprecated and will be removed in 1.13.
```
Running "kubeadm reset --cri-socket unix:///var/run/crio/crio.sock"
fails with this error:
[reset] Cleaning up running containers using crictl with socket unix:///var/run/crio/crio.sock
[reset] Failed to list running pods using crictl. Trying using docker instead.
The actual error returned by underlying API os/exec is:
fork/exec /usr/bin/crictl -r /var/run/crio/crio.sock info: no such file or directory
This is caused by passing full command line instead of executable
path as a first parameter to the Command API.
Fixed by passing correct parameters to the Command API.
Improved error output.
Automatic merge from submit-queue (batch tested with PRs 59879, 62729). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Openstack: fix orphaned route deletion
This is a follow-up to #56258 which only got half of the work done.
The OpenStack cloud providers DeleteRoute method fails to delete routes when it can’t find the corresponding instance in OpenStack.
```release-note
OpenStack cloudprovider: Fix deletion of orphaned routes
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add tests for GlusterFS dynamic provisioner.
This bring up a heketi server pod and the server will be running
in mock mode, the PVC creation should work, however the volume
attachment to a pod and read/write is not part of this test. Due
to the same reason the tests are marked as [fast].
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix duplicate comment in iptables rule for non-local public-port rule
**What this PR does / why we need it**:
When kubernetes creates an iptable rule for "from-non-local public-port"
rule the rule gets created with two identical comment section.
The function `iptablesNonLocalNodePortArgs` creates a list of arguments
for the rule from iptablesCommonPortalArgs function. This function
already appends the arguments for the rules comments and therefore does
not require appending the comment again.
**Special notes for your reviewer**:
I'm actually not a go programmer at all and have no idea how your tests work.
I doubt that my fix will require adjustements on tests but I'm not 100% sure.
If additional work is needed, I would be glad if someone could point it out to me so I can take care of it.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
correct CHANGELOG-1.10.md
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
1.10 CHANGELOG: Fix supported etcd version comparison with K8s v1.9
**What this PR does / why we need it**:
This updates the 1.10 CHANGELOG to correctly state that the supported etcd server version in v1.9 is 3.1.10.
This also corrects the reference to the pull request which updated the etcd version for v1.10.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix a bug that headless service without ports fails to have endpoint created.
**What this PR does / why we need it**:
Follow up of https://github.com/kubernetes/kubernetes/pull/47250. Headless service without ports fails to have corresponding endpoint created because endpoint controller deliberately attaches a dummy endpointPort with portNum=0, which will fail API validation check. Error as below:
```
endpoints_controller.go:375] Error syncing endpoints for service "default/XXX": Endpoints "XXX" is invalid: subsets[0].ports[0].port: Invalid value: 0: must be between 1 and 65535, inclusive
```
This PR makes endpoint controller not attach the dummy endpointPort for headless service.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#55158, fixes#62440
**Special notes for your reviewer**:
cc @xiangpengzhao
**Release note**:
```release-note
Fix a bug that headless service without ports fails to have endpoint created.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add approvers to pkg/controller/endpoint
**What this PR does / why we need it**:
Promoting reviewers listed in pkg/controller/endpoint to approvers.
/assign @thockin
cc @bowei
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #NONE
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
[Prometheus addon] Use StatefulSet
This PR changes prometheus server manifest from deployment to statefulset.
Version label is removed from pods because statefulset disallows updating selectors.
```release-note
NONE
```
/cc @branch @kawych
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Move pkg/scheduler/util/testutil.go to pkg/scheduler/testing
**What this PR does / why we need it**:
In the package `k8s.io/kubernetes/pkg/scheduler/util`, we have testutil.go, which has an init() function. Since this package is imported in production code, we are inadvertently running test code in production.
Fortunately (depending on how you look at it) scheduler already has a package called `k8s.io/kubernetes/pkg/scheduler/testing` which would be an appropriate home for these utils.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#63269
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
sync code from copy destination
**What this PR does / why we need it**:
sync code from copy destination
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
scheduler: align with ctrl-managers and apiservers, add https+auth in options
This switches the bootstrapping code to use the Options+Config pattern which
allows to compose flag sets and flag logic from reusable components.
This way https+authz+authn support is added to the Options struct (still disabled
for the actual binary, but available for downstreams).
TODOs:
- [x] fix kubeadm
Kubernetes Submit Queue