Automatic merge from submit-queue
complete and correct code comment
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 50254, 50174, 50179)
Moved node/testutil to upper dir.
**What this PR does / why we need it**:
Moved node/testutil to upper directory (`pkg/controller`); it's used by several controllers, and we need to test some helper func in `pkg/controller`.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: part of #49522
**Release note**:
```release-note
N/A
```
Automatic merge from submit-queue (batch tested with PRs 50254, 50174, 50179)
kubeadm: Add back labels for the Static Pod control plane
**What this PR does / why we need it**:
This Labels section has been removed now for a short period during the v1.8 dev cycle, but I found a good use-case for it; namely filtering Mirror Pods by the `component=kube-*` label when waiting for the self-hosted control plane to come up after an upgrade. It's not _really_ neccessary, but nice to have.
Also noticed the lack of coverage for this func, so added a small unit test.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Dependency for: https://github.com/kubernetes/kubernetes/pull/48899
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
@kubernetes/sig-cluster-lifecycle-pr-reviews @dmmcquay @timothysc @mattmoyer
Automatic merge from submit-queue (batch tested with PRs 50254, 50174, 50179)
Revert "Merge pull request #47353 from apelisse/http-cache"
Some issues were discovered with the caching merged in #47353:
* uses a disk-based cache that is not safe between processes (does not use atomic fs operations)
* writes get/list responses to disk that should not be cached (like `kubectl get secrets`)
* is vulnerable to partially written cache responses being used as responses to future requests
* breaks uses of the client transport that make use of websockets
* defaults to enabling the cache for any client builder using RecommendedConfigOverrideFlags or DefaultClientConfig which affects more components than just kubectl
This reverts commit fc89743dca, reversing changes made to 29ab38e898.
Automatic merge from submit-queue (batch tested with PRs 45993, 50293)
[Federation] HPA controller
This PR implements the design listed in https://github.com/kubernetes/community/pull/593.
This is still a work in progress, and needs more unit tests to be added.
I will add the integration tests and e2e tests in a separate PR(s).
@kubernetes/sig-federation-pr-reviews
**Release note**:
```
Horizontal Pod Autoscaling is now available as an alpha feature in federation.
It can be used to distribute and scale workload across clusters joined in a federation.
In its current form, it works only on cpu utilization and the support for other metrics is yet to be built in.
```
Automatic merge from submit-queue (batch tested with PRs 50208, 50259, 49702, 50267, 48986)
Relax restrictions on environment variable names.
Fixes#2707
The POSIX standard restricts environment variable names to uppercase letters, digits, and the underscore character in shell contexts only. For generic application usage, it is stated that all other characters shall be tolerated. (Reference [here](http://pubs.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap08.html), my prose reasoning [here](https://github.com/kubernetes/kubernetes/issues/2707#issuecomment-285309156).)
This change relaxes the rules to some degree. Namely, we stop requiring environment variable names to be strict `C_IDENTIFIERS` and start permitting lowercase, dot, and dash characters.
Public container images using environment variable names beyond the shell-only context can benefit from this relaxation. Elasticsearch is one popular example.
Automatic merge from submit-queue (batch tested with PRs 50208, 50259, 49702, 50267, 48986)
Move ownership of proxy test to sig-network directory
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 50208, 50259, 49702, 50267, 48986)
fix the typo of intializing
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 50208, 50259, 49702, 50267, 48986)
provide the failing health as part of the controller error
When the controllers fail to start because the master is unhealthy, the healthz message is a useful starting point for debugging. This provides it in the error returned.
Automatic merge from submit-queue
Ignore the available volume when calling DetachDisk
Fix#50207
If user detachs the volume by nova in openstack env, volume becomes
available. If nova instance is been deleted, nova will detach it
automatically and become available. So the "available" is fine since that means the
volume is detached from instance already.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Removed un-used InodePressure condition.
**What this PR does / why we need it**:
Removed un-used InodePressure condition; kubelet did not report it anymore, so remove it.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49103
**Release note**:
```release-note
The node condition 'NodeInodePressure' was removed, as kubelet did not report it.
```
Automatic merge from submit-queue
Fix premature return
**What this PR does / why we need it**: Fixes a bug where the loop is prematurely terminated.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#50040
**Special notes for your reviewer**:
**Release note**:
NONE
Automatic merge from submit-queue
StatefulSet scale subresource
**What this PR does / why we need it**: This PR implements scale subresource for StatefulSet.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#46005
**Special notes for your reviewer**:
**Release note**:
```release-note
StatefulSet uses scale subresource when scaling in accord with ReplicationController, ReplicaSet, and Deployment implementations.
```
**Feature Checklist**:
- [x] Introduce Registry interface for storage purpose
- [x] Introduce `ScaleREST New(), Get() and Update()` utility functions
- [x] Create a `ScaleREST` object at `NewREST()` and return it
- [x] Enable scale subresource by adding `/scale` field to the storage map
**Testing Checklist**:
- Unit testing
- [x] Modify `newStorage()` to call `NewStorage()`, and change all unit tests accordingly
- [x] Add unit tests for `ScaleREST Get() and Update()` utility functions
- [x] Add missing unit test for `ShortNames`
- Manual testing
- [x] Verify existence of the subresource using `kubectl proxy` command
- [x] Modify the subresource using `curl` via `POST`
- e2e testing
- [x] Add e2e tests using `RESTClient`
Automatic merge from submit-queue
Federated Job controller implementation
Note that job re-balance is not there yet as it's difficult to honor job deadline
requires #35945 and 35943
fixes#34261
@quinton-hoole @nikhiljindal @deepak-vij
**Release note**:
```release-note
Federated Job feature. It is now possible to create a Federated Job
that is automatically deployed to one or more federated clusters
(as Jobs in those clusters). Job parallelism and completions are
spread across clusters according to cluster selection and weighting
preferences. Federated Job status reflects the aggregate status
across all underlying cluster Jobs.
```
Automatic merge from submit-queue (batch tested with PRs 49524, 46760, 50206, 50166, 49603)
Fix errorf for get test
**What this PR does / why we need it**:
If the error messages do not use format, use t.Error() will be fine.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49524, 46760, 50206, 50166, 49603)
Handle missing OpenAPI specs on aggregated servers
Previously, the aggregator would fail to actually set up the aggregator
proxy for an API server that was missing an OpenAPI spec. It would show
up in discovery, but the actual proxying would fail to occur.
Now, we simply log an error if we can't fetch an OpenAPI spec for a
particular aggregated server, and continue on.
Fixes#50165
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49524, 46760, 50206, 50166, 49603)
[OpenStack] Add more detail error message
I get same simple error messages "Unable to initialize cinder client
for region: RegionOne" from controller-manager, but I can not find the
reason. We should add more detail message "err" into glog.Errorf.
Currently NewBlockStorageV2() return err when failed to get cinder endpoint, but there is no code to output the message of err.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49524, 46760, 50206, 50166, 49603)
fix parse pairs
**What this PR does / why we need it**:
add check to `-`
```
# kubectl label pod foo -
error: at least one label update is required
See 'kubectl label -h' for help and examples.
```
**Which issue this PR fixes**:
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49524, 46760, 50206, 50166, 49603)
Handled taints on node in batch.
**What this PR does / why we need it**:
Enhanced helpers to handled taints on node in batch.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49522
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 49885, 49751, 49441, 49952, 49945)
Rename e2e sig framework files
**What this PR does / why we need it**:
make files be consistent across all sig e2e tests dir.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Umbrella issue #49161
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49885, 49751, 49441, 49952, 49945)
There is no need to split service key repeatedly
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49885, 49751, 49441, 49952, 49945)
Fix error format and info for get_test.go
**What this PR does / why we need it**:
Fix error format and info for get_test.go
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49885, 49751, 49441, 49952, 49945)
Ignore UDP metrics in kubelet
Updating cadvisor godeps to 0.26.0 for the 1.7 release (#46658) added udp metrics. However, they were not disabled in the kubelet.
This PR disables collection of UDP metrics in the kubelet.
This should be cherrypicked to the 1.7 branch.
cc @dchen1107
Automatic merge from submit-queue (batch tested with PRs 50087, 39587, 50042, 50241, 49914)
Add node e2e test for Docker's shared PID namespace
Ref: https://github.com/kubernetes/kubernetes/issues/42926
This PR adds a simple test for the shared PID namespace that's enabled when Docker is 1.13.1+.
/sig node
/area node-e2e
/assign @yujuhong
**Release note**:
```
None
```
Automatic merge from submit-queue (batch tested with PRs 50087, 39587, 50042, 50241, 49914)
Enable selfHosted feature flag
**What this PR does / why we need it**:
Enables feature gating for self-hosting on kubeadm
**Which issue this PR fixes**
Continuation of https://github.com/kubernetes/kubeadm/issues/323
**Release note**:
```release-note
Feature gates now determine whether a cluster is self-hosted. For more information, see the FeatureGates configuration flag.
```
/cc @luxas
Automatic merge from submit-queue (batch tested with PRs 50087, 39587, 50042, 50241, 49914)
AttachDisk should not call detach inside of Cinder volume provider
Automatic merge from submit-queue (batch tested with PRs 50087, 39587, 50042, 50241, 49914)
plugin/pkg/client/auth: add openstack auth provider
This is an implementation of auth provider for OpenStack world, just like python-openstackclient, we read the environment variables of a list `OS_*`, and client will cache a token to interact with each components, we can do the same here, the client side can cache a token locally at the first time, and rotate automatically when it expires.
This requires an implementation of token authenticator at server side, refer:
1. [made by me] https://github.com/kubernetes/kubernetes/pull/25536, I can carry this on when it is fine to go.
2. [made by @kfox1111] https://github.com/kubernetes/kubernetes/pull/25391
The reason why I want to add this is due to the `client-side` nature, it will be confusing to implement it downstream, we would like to add this support here, and customers can get `kubectl` like they usually do(`brew install kubernetes-cli`), and it will just work.
When this is done, we can deprecate the password keystone authenticator as the following reasons:
1. as mentioned at some other places, the `domain` is another parameters which should be provided.
2. in case the user supplies `apikey` and `secrets`, we might want to fill the `UserInfo` with the real name which is not implemented for now.
cc @erictune @liggitt
```
add openstack auth provider
```
Automatic merge from submit-queue (batch tested with PRs 50087, 39587, 50042, 50241, 49914)
convert default predicates to use the default
Builds on https://github.com/kubernetes/kubernetes/pull/50019 (lgtm'd already)
This converts the already default field selectors to use the default value. I'll let CI point out the unit test failures for me to chase.
@kubernetes/sig-api-machinery-misc
Previously, the aggregator would fail to actually set up the aggregator
proxy for an API server that was missing an OpenAPI spec. It would show
up in discovery, but the actual proxying would fail to occur.
Now, we simply log an error if we can't fetch an OpenAPI spec for a
particular aggregated server, and continue on.
Automatic merge from submit-queue (batch tested with PRs 50091, 50231, 50238, 50236, 50243)
Fix storage tests for multizone test configuration.
**What this PR does / why we need it**:
This PR modifies "[sig-storage] Volumes PD should be mountable with (ext3|ext4)" tests to schedule pods in zone, where PD is created.
This is to make the test work in multizone environment.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 50091, 50231, 50238, 50236, 50243)
Move the sig-instrumentation test to a dedicated folder
Move the last remaining test to sig-instrumentation folder, also move "metrics" package to the "framework" folder
Related issue: https://github.com/kubernetes/kubernetes/issues/49161
/cc @xiangpengzhao @piosz
Automatic merge from submit-queue (batch tested with PRs 50091, 50231, 50238, 50236, 50243)
Modify e2e.go to arbitrarily pick one of zones we have nodes in for multizone tests.
**What this PR does / why we need it**:
When e2e runs in multizone configuration, zone config property can be empty.
This PR, in that case, overrides an empty value with arbitrarily chosen zone that we have nodes in.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 50091, 50231, 50238, 50236, 50243)
add fieldSelector podIP
**What this PR does / why we need it**:
Currently the `fieldSelector` for `Pod` only support `metadata.name`, `metadata.namespace`, `spec.nodeName`, `spec.restartPolicy` and `status.phase`.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#50075
**Special notes for your reviewer**:
/cc @wojtek-t @caesarxuchao @justinsb @LiliC
**Release note**:
```release-note
add fieldSelector podIP
```
Automatic merge from submit-queue
fix typo in replenishment_controller.go
**What this PR does / why we need it**:
fix typo
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #N/A
**Release note**:
```release-note
None
```
Kubernetes Submit Queue