Automatic merge from submit-queue
Modify wrong description about "InsecurePort" in genericapiserver.go
Modify wrong description about "InsecurePort" in genericapiserver.go, avoid misleading.
Automatic merge from submit-queue
Improve fatal error description for init in genericapiserver.go
When api.NewRequestContextFilter return error in the "init" function of genericapiserver.go, there are no handler info, add more information to indicate s.Handler or s.InsecureHandler, I suggest.
Automatic merge from submit-queue
Optimise the New function in genericapiserver.go
It needn't the handlerContainer variable in the "New" function when deal s.HandlerContainer, I think, and it seems the codes more concise.
Automatic merge from submit-queue
[garbage collector] add e2e test
This PR also includes some changes to plumb controller-manager's `--enable_garbage_collector` from the environment variable.
The e2e test will not be run by the core suite because it's marked `[Feature:GarbageCollector]`.
The corresponding jenkins job configuration PR is https://github.com/kubernetes/test-infra/pull/132.
Move SystemReserved and KubeReserved into KubeletConfiguration struct
Convert int64 to int32 for some external type fields so they match internal ones
tLS* to tls* for JSON field names
Fix dependency on removed options.AutoDetectCloudProvider
Change floats in KubeletConfiguration API to ints
Update external KubeletConfiguration type
Add defaults for new KubeletConfiguration fields
Modify some defaults to match upstream settings
Add/rename some conversion functions
Updated codegen
Fixed typos
Mike Danese caught that s.NodeLabels wasn't allocated, fix on line 118
of cmd/kubelet/app/options/options.go.
Provide list of valid sources in comment for HostNetworkSources field
Automatic merge from submit-queue
Fix watch cache filtering
When serving watch events for a particular namespace, the watch cache filters out events from other namespaces by checking the etcd key of the event's object, and making sure it is prefixed with the root key for the namespace being watched.
The prefix check does not ensure the match occurs on a path segment boundary, so a watch on namespace `test` is delivered watch events for namespace `test1`.
This tightens the check to ensure the prefix match occurs on a path segment boundary.
When using runtime.Object and runtime.RawExtension, passing
runtime.Unknown to protobuf serializer should result in the raw message
being serialized (since all normal protobuf objects are
runtime.Unknown).
Also, avoid setting a content-type when decoding a protobuf object
except when the content appears to be proto.
Automatic merge from submit-queue
Support terminal resizing for exec/attach/run
```release-note
Add support for terminal resizing for exec, attach, and run. Note that for Docker, exec sessions
inherit the environment from the primary process, so if the container was created with tty=false,
that means the exec session's TERM variable will default to "dumb". Users can override this by
setting TERM=xterm (or whatever is appropriate) to get the correct "smart" terminal behavior.
```
Fixes#13585
Automatic merge from submit-queue
Log restclient request/response bodies using %#v.
These are now protobufs, so outputting them with %s dumps a large
amount of binary garbage into the log. %#v properly escapes exotic
characters.
Automatic merge from submit-queue
Retry when apiserver fails to listen on insecure port
The apiserver will already continually retry when it fails to bind to the secure port. However, with the insecure port it does not retry, and any failures cause the apiserver to exit.
This change makes it so the api-server will retry on both insecure/secure ports.
A use-case for this change is for self-hosting the api-server, particularly when you are only running a single copy in your cluster. In some bootstrap and upgrade scenarios - it's necessary to replace/pivot from an existing api-server on the same host -- where you need a new copy running before tearing down the old (which is problematic when the api-server will try to bind to an in-use port and exit).
With the introduction of batch/v1 and batch/v2alpha1, any
MultiRESTMapper that has per groupversion mappers (as a naive discovery
client would create) would end up being unable to call RESTMapping() on
batch.Jobs. As we finish up discovery we will need to be able to choose
prioritized RESTMappings based on the service discovery doc.
This change implements RESTMappings(groupversion) which returns all
possible RESTMappings for that kind. That allows a higher level call to
prioritize the returned mappings by server or client preferred version.
Automatic merge from submit-queue
update resource builder error message to be more clear
release-note-none
The error message given by command line `kubectl get` is sometimes of no help / not clear on what must be corrected, e.g.:
`kubectl get pod pod/database-1-i10b9`
error: when passing arguments in resource/name form, all arguments must include the resource
##### Steps to Reproduce:
1. Run command "$ kubectl get pod pod/database-1-i10b9"
##### Actual Result:
Get unfriendly error message which is of no help:
"error: when passing arguments in resource/name form, all arguments must include the resource"
##### Expected Result:
Error message should recommend end user to run this cli in good grammar: "$ kubectl get pod database-1-i10b9" or "$ kubectl get pod/database-1-i10b9"
##### Before
"error: when passing arguments in resource/name form, all arguments must include the resource"
##### After
"error: there is no need to specify a resource type as a separate argument when passing arguments in resource/name form (e.g. `kubectl get resource/<resource_name>` instead of `kubectl get resource resource/<resource_name>`"
[]()
Add support for terminal resizing for exec, attach, and run. Note that for Docker, exec sessions
inherit the environment from the primary process, so if the container was created with tty=false,
that means the exec session's TERM variable will default to "dumb". Users can override this by
setting TERM=xterm (or whatever is appropriate) to get the correct "smart" terminal behavior.
Automatic merge from submit-queue
controller-manager support number of garbage collector workers to be configurable
The number of garbage collector workers of controller-manager is a fixed value 5 now, make it configurable should more properly
Because of defaulting, requests are always set if limits are. Thus, the check can never succeed. Instead, make sure that the two values are equal.
Also, remove a few other error messages and remove unnecessary Sprintf calls.
Automatic merge from submit-queue
Separate rate limiters for Pod evictions for different zones in NodeController
Ref. #28832
NodeController needs to be able to separately adjust rate-limits for eviction for different zones. This PR splits rate limiters.
cc @davidopp
Automatic merge from submit-queue
Implement first version of indexing in cacher
This PR adds a first version of indexing in cacher.
It has a really significant impact on performance - __in empty 2000-node cluster, apiserver cpu usage drops by ~75%.__
Not for 1.3, but we need this soon after 1.3 is done.
@lavalamp @mqliang @davidopp @gmarek @kubernetes/sig-scalability
This mostly takes the previously checked in files and removes them, and moves
the generation to be on-demand instead of manual. Manually verified no change
in generated output.
This allows us to start building real dependencies into Makefile.
Leave old hack/* scripts in place but advise to use 'make'. There are a few
rules that call things like 'go run' or 'build/*' that I left as-is for now.
Automatic merge from submit-queue
Deepcopy: avoid struct copies and reflection Call
- make signature of generated deepcopy methods symmetric with `in *type, out *type`, avoiding copies of big structs on the stack
- switch to `in interface{}, out interface{}` which allows us to call them with without `reflect.Call`
The first change reduces runtime of BenchmarkPodCopy-4 from `> 3500ns` to around `2300ns`.
The second change reduces runtime to around `1900ns`.
Automatic merge from submit-queue
controller: wait for synced old replica sets on Recreate
Partially fixes https://github.com/kubernetes/kubernetes/issues/27362
Any other work on it should be handled in the replica set level (and/or kubelet if it's required)
@kubernetes/deployment PTAL
Automatic merge from submit-queue
rbac authorizer: cleanups to rule evaluation for non-resource URLs
An few oversights in the RBAC authorizer. Fixes#28291 and permits non-resource URLs to use stars in the path. E.g. ("/apis/*").
cc @liggitt @kubernetes/sig-auth
Automatic merge from submit-queue
kubectl: make --container-port actually work for expose
Even if it was recently deprecated, it should work as expected.
@kubernetes/kubectl
Automatic merge from submit-queue
Controllers doesn't take any actions when being deleted.
I started doing it for other controllers but it's not always clear to me how it should work. I'll be adding other ones as separate commits to this PR.
cc @caesarxuchao @lavalamp
Automatic merge from submit-queue
Add "deploy" abbrev for deployments to kubectl
Most of the objects have the abbreviation (short form) in kubectl, for ex. rc == replicationcontroller. It'll be useful to have an abbrev for "deployments" as well and I'm proposing to use "dpl" for it.
P.S. It's my very first commit to k8s. I've signed CLA already. I've decided to create this pull request while waiting on more info in #24083.
<!-- Reviewable:start -->
---
This change is [<img src="http://reviewable.k8s.io/review_button.svg" height="35" align="absmiddle" alt="Reviewable"/>](http://reviewable.k8s.io/reviews/kubernetes/kubernetes/24087)
<!-- Reviewable:end -->
Automatic merge from submit-queue
Add hooks for cluster health detection
Separate a function that decides if zone is healthy. First real commit for preventing massive pod eviction.
Ref. #28832
cc @davidopp
Automatic merge from submit-queue
Change storeToNodeConditionLister to return []*api.Node instead of api.NodeList for performance
Currently copies that are made while copying/creating api.NodeList are significant part of scheduler profile, and a bunch of them are made in places, that are not-parallelizable.
Ref #28590
Automatic merge from submit-queue
ListOptions: add test for ResourceVersion > 0 in List
ref: #28472
Done:
- Add a test for ResourceVersion > 0 in registry (cache) store List()
- Fix the docs.
Automatic merge from submit-queue
kubectl: refactor rollout history to be more configurable
ChangeCauseAnnotation is hardcoded in PrintRolloutHistory and it needs
to be overriden since other resources that may need to be added in
`kubectl rollout history` may not use it. Instead of adding one more
method in the factory, refactor the existing HistoryViewer interface
to accomodate the change.
@kubernetes/kubectl
Automatic merge from submit-queue
controller/volume: simplify sync logic in syncUnboundClaim
Remove all unnecessary branching logic. No actual logic changes. Code is more readable now.
ChangeCauseAnnotation is hardcoded in PrintRolloutHistory and it needs
to be overriden since other resources that may need to be added in
`kubectl rollout history` may not use it. Instead of adding one more
method in the factory, refactor the existing HistoryViewer interface
to accomodate the change.
Automatic merge from submit-queue
Generates DELETE pod update operations
fixes#27105
Generates DELETE pod update operations to make the code and log more intuitive.
1. main refactoring is in `kubelet/config`
2. kubelet will log if it received DELETE, just like other OPs
cc @Random-Liu :)
Automatic merge from submit-queue
Deprecate the term "Ubernetes"
Deprecate the term "Ubernetes" in favor of "Cluster Federation" and "Multi-AZ Clusters"
k8s-merge-robot
