Automatic merge from submit-queue (batch tested with PRs 57434, 57221, 57417, 57474, 57481). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Cleanup api service before namespace deletion.
Fixes https://github.com/kubernetes/kubernetes/issues/57486.
https://github.com/kubernetes/kubernetes/pull/57254 helps but is not enough for the fix. After https://github.com/kubernetes/kubernetes/pull/57254, I saw another failure https://k8s-gubernator.appspot.com/build/kubernetes-jenkins/logs/ci-cri-containerd-e2e-ubuntu-gce/1057.
Before, all test after Aggregator test would fail. Now all tests before/after Aggregator tests are passing. However, during the Aggregator test waiting for namespace cleanup, all the other tests are failing. Aggregator test takes 10min to wait for namespace cleanup.
The reason is that, `BeforeEach`s run in LIFO order, `AfterEach`s run in FIFO order. `NewDefaultFramework` inserts an `AfterEach` function to do namespace cleanup.
In the current code, the namespace cleanup `AfterEach` is inserted by `NewDefaultFramework` before `cleanupTest`, it means that the test will try to delete namespace first, and then cleanup the api service. However, as known to us, if api service is not cleaned up, namespace deletion will wait forever.
In this PR, we reverse the `AfterEach` order. A better solution is to put `BeforeEach` and `AfterEach` in an internal `Describe`. However, since we don't have an internal `Describe` in this test, I just reverse the `AfterEach` order directly.
/cc @roycaihw @cheftako @kubernetes/sig-api-machinery-bugs
**Release note**:
```release-note
none
```
Automatic merge from submit-queue (batch tested with PRs 57434, 57221, 57417, 57474, 57481). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fabiano no longer a thing
**What this PR does / why we need it**: Removes me from lists of reviewers and approvers.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 57434, 57221, 57417, 57474, 57481). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Send an event just before the Kubelet restarts to use a new config
**What this PR does / why we need it**:
This PR makes the Kubelet send events for configuration changes. This makes it much easier to see a recent history of configuration changes for the Kubelet.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#56895
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/cc @dchen1107 @liggitt @dashpole
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
outdent err block
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add watch to requirements for quota-able resources
Since we use informers, if you can't be watched, you can't be quota'ed.
If the default iSCSI node.startup is set to automatic, if there is a node failure,
any pods on that node will get rescheduled to another node. If the failed node is
later brought back up it will then try to log back in to any iSCSI sessions it had
prior to the failure, which may no longer exist or may be now in-use by the other
nodes.
It appears most platforms keep the open-iscsi default of node.startup-automatic.
But in case this system-wide setting has been changed, and just to be explicit, this
sets node.startup values for kubernetes controlled volumes to manual.
Closes issue #21305
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix problem accessing private docker registries
**What this PR does / why we need it**:
In 027c8b9ef2, we added code to
move from .dockercfg to config.json file. But we forgot to use
the right secret type and the key to store the base64'ed creds
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#57427#57273
**Special notes for your reviewer**:
**Release note**:
```release-note
Fixes issue creating docker secrets with kubectl 1.9 for accessing docker private registries.
```
This adds new benchmark tests that measure scheduler latency of pods
that use affinity rules. Specifically, this tests affinity rules with
topologyKey="kubernetes.io/hostname".
Under the default behavior of Go benchmark tests, all our scheduler_perf
benchmark tests run with b.N=1, which is lower than we would like. This
adds a lower bound to b.N so that the results are more meaningful.
The alternative to this change is to always run these tests with the
-benchtime flag set to a duration which will force b.N to increase. That
would cause any test setup to be executed repeatedly as b.N ramps up,
and -timout would probably also need to be set higher.
Automatic merge from submit-queue (batch tested with PRs 54278, 56259, 56762). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
New release for pause container
**What this PR does / why we need it**:
This PR bumps the TAG for the pause container so that we can build a new release with affecting older Kubernetes releases. Once the new release has been pushed to gcr.io/google_containers, I will follow up with a PR to update the kubelet/runtimes to use the new container.
In addition to bumping the tag, this PR also:
* Updates the pause Makefile to reflect a name change in the arm compiler used in kube-cross
* Adds a very simple version string to pause.c to help troubleshoot issues like #50865 in the future.
**Which issue(s) this PR fixes**:
First of two PRs for #56253, #50865
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54278, 56259, 56762). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add NODE_LOCAL_SSDS_EXT to config-test
**What this PR does / why we need it**:
Add NODE_LOCAL_SSDS_EXT to config-test so we can specify it for CI.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#57468
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54278, 56259, 56762). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
make sure of deleting archive
**What this PR does / why we need it**:
Exit() causes the current program to exit with the given status code, but deferred function does not run.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Evicted pods should not be marked as failing since they respawn
**What this PR does / why we need it**: Juju deployments should not report evicted pods as failing.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```NONE
```
In 027c8b9ef2, we added code to
move from .dockercfg to config.json file. But we forgot to use
the right secret type and the key to store the base64'ed creds
Automatic merge from submit-queue (batch tested with PRs 57252, 57168). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Implementing predicates ordering
**What this PR does / why we need it**: implements predicates ordering for the scheduler
**Which issue(s) this PR fixes** : Fixes#53812
**Special notes for your reviewer**:
@bsalamat @gmarek @resouer as discussed on slack, to implement ordering we have to choices:
- use a layered approach with a list that indexes the order of the predicates map
- change the underlying data structure used to represent a collection of predicates (a map in our case) into a list of predicates objects.
Going with this solution might be "cleaner" but it will require a lot of changes and will increase the cost for accessing predicates from O(1) to O(n) (n being the number of predicates used by the scheduler).
we might go with this solution for now. If the number of predicates start growing, we might switch to the second option.
**Release note**:
```release-note
adding predicates ordering for the kubernetes scheduler.
```
Automatic merge from submit-queue (batch tested with PRs 57252, 57168). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Reduce CPU and memory requests for Metrics Server Nanny
**What this PR does / why we need it**:
Metrics Server Nanny is a sidecar container that performs small computations every 5 minutes to scale Metrics Server resource requirements when cluster size changes. This change reduces the CPU and memory requests to free up unused resource.
**Release note**:
```release-note
Free up CPU and memory requested but unused by Metrics Server Pod Nanny.
```
Automatic merge from submit-queue (batch tested with PRs 56681, 57384). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Deprecate the alpha Accelerators feature gate.
Encourage people to use DevicePlugins instead.
/kind cleanup
Related to https://github.com/kubernetes/features/issues/192 and https://github.com/kubernetes/features/issues/368
**Release note**:
```release-note
The alpha Accelerators feature gate is deprecated and will be removed in v1.11. Please use device plugins instead. They can be enabled using the DevicePlugins feature gate.
```
/sig node
/sig scheduling
/area hw-accelerators
TL;DR; NFS is not supported over overlayfs. In CRI-O we default to
overlayfs as the storage driver, therefore running the NFS test always
fails to export the directory. This patch adds a volume mount from the
host so /exports isn't on overlayfs anymore.
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Nick Sardo