Automatic merge from submit-queue (batch tested with PRs 64815, 66823, 66473, 66466). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm: fix ImagePullCheck output
**What this PR does / why we need it**:
ImagePullCheck outputs "pulling <image>" line even if image
already exists and is not pulled.
Fixed the output to reflect the reality. ImagePullCheck now outputs
either "pulling <image>" or "image <image> exists".
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
error out empty hostname
**What this PR does / why we need it**:
For linux, the hostname is read from file `/proc/sys/kernel/hostname` directly, which can be overwritten with whitespaces.
Should error out such invalid hostnames.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixeskubernetes/kubeadm#835
**Special notes for your reviewer**:
/cc luxas timothysc
**Release note**:
```release-note
nodes: improve handling of erroneous host names
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm: fix runtime.ImageExists API
**What this PR does / why we need it**:
runtime.ImageExists returns error when underlying 'inspect' command
fails. This makes ImagePullCheck to fail as it doesn't expect
runtime.ImageExists to return an error even if image doesn't exist.
**Which issue(s) this PR fixes**:
Fixes [kubeadm issue 1024](https://github.com/kubernetes/kubeadm/issues/1024)
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kernel_validator: amend kernel config check paths
**What this PR does / why we need it**:
Clear Linux Project for Intel Architecture uses its own path
to store kernel build artifacts. This PR amends the path to kernel validator's
config check paths.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```
e2e_node: add new kernel config check paths
```
ImagePullCheck outputs "pulling <image>" line even if image
already exists and is not pulled.
Fixed the output to reflect the reality. ImagePullCheck now outputs
either "pulling <image>" or "image <image> exists".
Automatic merge from submit-queue (batch tested with PRs 66445, 66643, 60551). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm: Improve kubeadm init cmd tests
**What this PR does / why we need it**:
This PR improves kubeadm init cmd tests in the following ways:
- Fix a few cases that were always successful (despite completely wrong).
- Add more test cases (for different configs in particular)
- Use dry run, to avoid modifying the system and using kubeadm reset
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes NONE
**Special notes for your reviewer**:
/cc @kubernetes/sig-cluster-lifecycle-pr-reviews
/area kubeadm
/assign @luxas
/assign @timothysc
**Release note**:
```release-note
NONE
```
This API return error when underlying 'inspect' command
fails. This makes ImagePullCheck to fail as it doesn't expect
runtime.ImageExists to return an error even if image doesn't exist.
Fixed this by returning error nil even when inspect command fails.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Move the` k8s.io/kubernetes/pkg/util/pointer` package to` k8s.io/utils/pointer`
**What this PR does / why we need it**:
Move `k8s.io/kubernetes/pkg/util/pointer` to `shared utils` directory, so that we can use it easily.
Close#66010 accidentally, and can't reopen it, so the same as #66010
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 66554, 66616, 66695, 66681). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
[kubeadm] Use KubeletRunDirectory instead of hard-coded way
**What this PR does / why we need it**:
fix `TODO: Make hard-coded "/var/lib/kubelet" strings reference this constant.`
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
cc @neolit123
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm join the cluster with pre-existing client certificate if provided
**What this PR does / why we need it**:
support `kubeadm join` with a pre-existing client certificate
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixeskubernetes/kubeadm#945
**Special notes for your reviewer**:
/cc @luxas @timothysc @kubernetes/sig-cluster-lifecycle-pr-reviews
**Release note**:
```release-note
kubeadm now can join the cluster with pre-existing client certificate if provided
```
Clear Linux Project for Intel Architecture uses its own path
to store kernel build artifacts. This is documented, e.g.,
in https://github.com/clearlinux/clr-boot-manager.
Adapt kernel validator's config check paths to include Clear
Linux's path too.
Automatic merge from submit-queue (batch tested with PRs 66291, 66471, 66499). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm: Pull sidecar and dnsmasq-nanny images when using kube-dns
**What this PR does / why we need it**:
It appears that sidecar and dnsmasq-nanny images are now required for
kube-dns deployment to work correctly. Thus the following default kube-dns
images are used now:
- k8s.gcr.io/k8s-dns-kube-dns-amd64:1.14.10
- k8s.gcr.io/k8s-dns-sidecar-amd64:1.14.10
- k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64:1.14.10
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixeskubernetes/kubeadm#1016
**Special notes for your reviewer**:
/cc @kubernetes/sig-cluster-lifecycle-pr-reviews
/area kubeadm
/assign @luxas
/assign @timothysc
/kind bug
**Release note**:
```release-note
kubeadm: Pull sidecar and dnsmasq-nanny images when using kube-dns
```
It appears that sidecar and dnsmasq-nanny images are now required for
kube-dns deployment to work correctly. Thus the following default kube-dns
images are used now:
- k8s.gcr.io/k8s-dns-kube-dns-amd64:1.14.10
- k8s.gcr.io/k8s-dns-sidecar-amd64:1.14.10
- k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64:1.14.10
Signed-off-by: Rostislav M. Georgiev <rostislavg@vmware.com>
kubeadm init cmd tests are improved in the following ways:
- Fix a few cases that were always successful (despite completely wrong).
- Add more test cases (for different configs in particular)
- Use dry run, to avoid modifying the system and using kubeadm reset
Signed-off-by: Rostislav M. Georgiev <rostislavg@vmware.com>
Renamed command line option cri-socket-path for 2 reasons:
- to be consistent with the rest of kubeadm code
reset/init/join/apply subcommands use --cri-socket
- name is misleading as CRI socket can be also an url,
not just a path
Automatic merge from submit-queue (batch tested with PRs 66341, 66405, 66403, 66264, 66447). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubeadm: stop setting UID in the kubelet ConfigMap
**What this PR does / why we need it**: kubeadm: stop setting UID in the kubelet ConfigMap
**Which issue(s) this PR fixes**:
Fixes https://github.com/kubernetes/kubeadm/issues/921#
**Release note**:
```release-note
kubeadm: stop setting UID in the kubelet ConfigMap
```
Automatic merge from submit-queue (batch tested with PRs 66152, 66406, 66218, 66278, 65660). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Handle errors
**What this PR does / why we need it**:
This is a followup PR for https://github.com/kubernetes/kubernetes/pull/64664 to handle errors returned from `.AddToScheme()` in places where they are not handled.
**Release note**:
```release-note
NONE
```
/kind cleanup
/sig api-machinery
/cc @sttts
Automatic merge from submit-queue (batch tested with PRs 65771, 65849). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add a new conversion path to replace GenericConversionFunc
reflect.Call is very expensive. We currently use a switch block as part of AddGenericConversionFunc to avoid the bulk of top level a->b conversion for our primary types which is hand-written. Instead of having these be handwritten, we should generate them.
The pattern for generating them looks like:
```
scheme.AddConversionFunc(&v1.Type{}, &internal.Type{}, func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1_Type_to_internal_Type(a.(*v1.Type), b.(*internal.Type), scope)
})
```
which matches AddDefaultObjectFunc (which proved out the approach last year). The
conversion machinery should then do a simple map lookup based on the incoming types and invoke the function. Like defaulting, it's up to the caller to match the types to arguments, which we do by generating this code. This bypasses reflect.Call and in the future allows Golang mid-stack inlining to optimize this code.
As part of this change I strengthened registration of custom functions to be generated instead of hand registered, and also strengthened error checking of the generator when it sees a manual conversion to error out. Since custom functions are automatically used by the generator, we don't really have a case for not registering the functions.
Once this is fully tested out, we can remove the reflection based path and the old registration methods, and all conversion will work from point to point methods (whether generated or custom).
Much of the need for the reflection path has been removed by changes to generation (to omit fields) and changes to Go (to make assigning equivalent structs easy).
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
check for crictl executable only for CRI runtime
**What this PR does / why we need it**:
crictl is not used for docker runtime, so InPathCheck check can be skipped for docker.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix kubeadm upgrade diff -config TODO
**What this PR does / why we need it**:
This PR addresses a TODO in `kubeadm upgrade diff` for the `-config` flag to use `options.AddConfigFlag()` instead of `cmd.Flags().StringVar()`.
**Which issue(s) this PR fixes**
None
**Special notes for your reviewer**:
/sig kubernetes/sig-cluster-lifecycle-pr-reviews
**Release note**:
```release-note
NONE
```
Improved runtime tests by using T.Run API:
https://golang.org/pkg/testing/#T.Run
This should improve the test output and make it more visible
which test is doing what.
Automatic merge from submit-queue (batch tested with PRs 65429, 64611). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Move runtime details into ContainerRuntime
**What this PR does / why we need it**:
This PR moves all docker and CRI specifics into new ContainerRuntime
entity to isolate container runtime details from the rest of the code.
This should help to avoid having CRI and docker specific checks and code all over the place.
**NOTE: this is a not a finished work, but rather an RFC.**
Things to do:
- test manually in docker and cri-o environments
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix kubeadm checks import error
kubeadm checks package import path exist "kubernetes/test",
So change the import path.
* move "k8s.io/kubernetes/test/e2e_node/system" directory file
tto "k8s.io/kubernetes/cmd/kubeadm/app/util/system" and change checks import
* remove "k8s.io/kubernetes/test/e2e_node/system" directory
Issues report link:
https://github.com/kubernetes/kubeadm/issues/976
Signed-off-by: Yuanbin.Chen <cybing4@gmail.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #https://github.com/kubernetes/kubeadm/issues/976
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 66094, 65676). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add a timeout when fetching latest version
**What this PR does / why we need it**:
When there is no internet on the node and `--kubernetes-versio`n is not specified running `kubeadm init` hangs forever with no text output.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes https://github.com/kubernetes/kubeadm/issues/986
**Special notes for your reviewer**:
Using the same duration as the existing timeout `externalEtcdRequestTimeout`
Sample output:
```
kubeadm init
unable to get URL "https://dl.k8s.io/release/stable-1.11.txt": Get https://dl.k8s.io/release/stable-1.11.txt: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
```
**Release note**:
```release-note
kubeadm: use an HTTP request timeout when fetching the latest version of Kubernetes from dl.k8s.io
```
xiangpengzhao