Automatic merge from submit-queue (batch tested with PRs 47043, 48448, 47515, 48446)
Fix secret/configmap/projected volume update tests to work for large clusters
Fixes https://github.com/kubernetes/kubernetes/issues/48359
/cc @kubernetes/sig-node-pr-reviews @wojtek-t @gmarek
Automatic merge from submit-queue (batch tested with PRs 46926, 48468)
Fix typo in cluster size autoscaling tests selector
This caused tests not to be run automatically
Automatic merge from submit-queue (batch tested with PRs 46926, 48468)
Added helper funcs to schedulercache.Resource.
**What this PR does / why we need it**:
Avoid duplicated code slice by helper funcs.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#46924
**Release note**:
```release-note-none
```
The cluster scoped resource has a field that indicates Flunder.Names that are disallowed.
The resource is going to be used by an admission plugin.
The admission plugin will list the cluster-scope resources and check against banned names.
Issue: #47868
Automatic merge from submit-queue (batch tested with PRs 46928, 47345)
kubeadm: Move directory ./master to ./phases/controlplane
**What this PR does / why we need it**:
- Moves app/master into phases/controlplane. It should be in the phases directory, was just overlooked earlier
- Harmonizes the import names in phases/controlplane with the similar import names in cmd/kubeadm
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
Please review only second and third commit, based on https://github.com/kubernetes/kubernetes/pull/47339
Targets v1.8
**Release note**:
```release-note
NONE
```
@kubernetes/sig-cluster-lifecycle-pr-reviews @timothysc @pipejakob
Automatic merge from submit-queue
remove unused function and variable from audit backend
auditStringSlice is not used here anymore.
sink variable is also not used.
**Release note**:
```
NONE
```
Fixes: #47114
Automatic merge from submit-queue
Follow up for https://github.com/kubernetes/kubernetes/pull/47003
**What this PR does / why we need it**:
This is addressing left comments for https://github.com/kubernetes/kubernetes/pull/47003#discussion_r120888982
/cc @aveshagarwal
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 48439, 48440, 48394)
GuaranteedUpdate must write if stored data is not canonical
An optimization added to the GuaranteedUpdate loop changed the
comparison of the current objects serialization against the stored data,
instead comparing to the in memory object, which defeated the mechanism
we use to migrate stored data (GET then PUT should update the version stored in etcd if the canonical serialization has changed)
This commit preserves that optimization but correctly verifies the in
memory serialization against the on disk serialization by fetching the
latest serialized data. Since most updates are not no-ops, this should
not regress the performance of the normal path.
Fixes#48393
```release-note
When performing a GET then PUT, the kube-apiserver must write the canonical representation of the object to etcd if the current value does not match. That allows external agents to migrate content in etcd from one API version to another, across different storage types, or across varying encryption levels. This fixes a bug introduced in 1.5 where we unintentionally stopped writing the newest data.
```
Automatic merge from submit-queue (batch tested with PRs 48439, 48440, 48394)
Fix kubernetes charms not restarting services after snap upgrades
**What this PR does / why we need it**:
This fixes a problem where the Kubernetes charms don't restart services after upgrading snaps. This can cause certain fixes not to be picked up (for example https://github.com/juju-solutions/release/pull/10)
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
Fixed kubernetes charms not restarting services after snap upgrades
```
Automatic merge from submit-queue (batch tested with PRs 48439, 48440, 48394)
Fix: namespace-create have kubectl in path
**What this PR does / why we need it**: In juju deployed clusters namespace-create action is failing
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes https://github.com/juju-solutions/bundle-canonical-kubernetes/issues/326
**Special notes for your reviewer**:
**Release note**:
```Fix: namespace-create action on Juju deployed clusters
```
Automatic merge from submit-queue (batch tested with PRs 47784, 47793, 48334, 48435, 48354)
allow a deletestrategy to opt-out of GC
Not all resources should be GC-able and we implemented an ignore list to handle this, but at the storage layer they could still set finalizers, they just hung in a stuck state forever. This updates the strategy to allow a resource to indicate that they shouldn't be GCed.
@kubernetes/sig-api-machinery-misc
Automatic merge from submit-queue (batch tested with PRs 47784, 47793, 48334, 48435, 48354)
Non-leaders overwrite local keys with what the leader has
**What this PR does / why we need it**: Non-leaders juju master units do not update their auth keys.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#48434
**Special notes for your reviewer**:
**Release note**:
```NONE
```
Automatic merge from submit-queue (batch tested with PRs 47784, 47793, 48334, 48435, 48354)
update events' ResponseStatus at Metadata level
ResponseStatus is populated in MetadataLevel, so we also update it in
MetadataLevel.
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 47784, 47793, 48334, 48435, 48354)
Convert Stackdriver Logging load e2e tests to soak tests
Instead of loading logging mechanism for 10 minutes, load for 21 hours to detect regressions that require some time to build up.
Made possible by switching to pub/sub. Only merge after corresponding test suites have appropriate timeouts: https://github.com/kubernetes/test-infra/pull/3119
/cc @piosz @fgrzadkowski
Automatic merge from submit-queue (batch tested with PRs 47784, 47793, 48334, 48435, 48354)
add validate for advanced audit policy
This change checks group name and non-resrouce URLs format for audit
policy.
**Release note**:
```
add validate for advanced audit policy, kube-apiserver will do a stricter validation and will break existing users with invalid configs.
```
Automatic merge from submit-queue
Use %q formatter for error messages from the AWS SDK. #47789
Error messages from the AWS SDK can have return keys in them, so use %q formatter for those messages.
Automatic merge from submit-queue
support NoSchedule taints correctly in DaemonSet controller
Fixes https://github.com/kubernetes/kubernetes/issues/48190
```release-note
Support NoSchedule taints correctly in DaemonSet controller.
```
cc @kubernetes/sig-apps-pr-reviews
Automatic merge from submit-queue
Add timothysc to kubeadm reviewers
**What this PR does / why we need it**:
Adds timothysc to kubeadm reviewers b/c I'm working on it this cycle.
**Release note**:
```
NONE
```
Automatic merge from submit-queue
apiextensions: add cleanup section to client-go
Adds a `Cleanup` section to be consistent with other client-go tutorials.
Fixes https://github.com/kubernetes/apiextensions-apiserver/issues/1
**Release note**:
```release-note
NONE
```
An optimization added to the GuaranteedUpdate loop changed the
comparison of the current objects serialization against the stored data,
instead comparing to the in memory object, which defeated the mechanism
we use to migrate stored data.
This commit preserves that optimization but correctly verifies the in
memory serialization against the on disk serialization by fetching the
latest serialized data. Since most updates are not no-ops, this should
not regress the performance of the normal path.
Automatic merge from submit-queue
Add configuration for swift container name
**What this PR does / why we need it:**
This review updates the OpenStack Heat provider to allow for configuring the name of the Swift object store.
**Which issue this PR fixes:**
fixes#47966
**Special notes for your reviewer**:
Note that the terminology for OpenStack Swift conflicts with K8S terminology. In this instance, container is referring to the organization structure of Swift storage objects.
**Release note**:
```release-note
Adds configuration option for Swift object store container name to OpenStack Heat provider.
```
Automatic merge from submit-queue
split util/slice for kubectl
Split util/slice to remove the dependency of kubectl on `k8s.io/kubernetes/pkg/util/slice`.
```release-note
NONE
```
/assign @apelisse @monopole
cc: @pwittrock
ref #48209
Kubernetes Submit Queue