Automatic merge from submit-queue
fix typo in replenishment_controller.go
**What this PR does / why we need it**:
fix typo
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #N/A
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 49868, 50143, 49377, 50141, 50145)
Don't expect internal clientset to be generated for groups without ne…
…w types
Automatic merge from submit-queue (batch tested with PRs 49868, 50143, 49377, 50141, 50145)
Return Audit-Id http response header for trouble shooting
Users can use Audit-Id http response header to grep the audit events in log.
This provides a fast way to find the events in audit.
**Release note**:
```
Audit-Id HTTP header is included in the apiserver responses for audited requests, except some cases when it's not possible, e.g. pods/exec.
```
@sttts @tallclair
Automatic merge from submit-queue
Retry scheduling pods after errors more consistently in scheduler
**What this PR does / why we need it**:
This fixes 2 places in the scheduler where pods can get stuck in Pending forever. In both these places, errors happen and `sched.config.Error` is not called afterwards. This is a problem because `sched.config.Error` is responsible for requeuing pods to retry scheduling when there are issues (see [here](2540b333b2/plugin/pkg/scheduler/factory/factory.go (L958))), so if we don't call `sched.config.Error` then the pod will never get scheduled (unless the scheduler is restarted).
One of these (where it returns when `ForgetPod` fails instead of continuing and reporting an error) is a regression from [this refactor](https://github.com/kubernetes/kubernetes/commit/ecb962e6585#diff-67f2b61521299ca8d8687b0933bbfb19L234), and with the [old behavior](80f26fa8a8/plugin/pkg/scheduler/scheduler.go (L233-L237)) the error was reported correctly. As far as I can tell changing the error handling in that refactor wasn't intentional.
When AssumePod fails there's never been an error reported but I think adding this will help the scheduler recover when something goes wrong instead of letting pods possibly never get scheduled.
This will help prevent issues like https://github.com/kubernetes/kubernetes/issues/49314 in the future.
**Release note**:
```release-note
Fix incorrect retry logic in scheduler
```
Automatic merge from submit-queue (batch tested with PRs 49370, 49481)
continue Fix error format and info for get_test.go
**What this PR does / why we need it**:
continue fix the error info
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49441
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
Automatic merge from submit-queue (batch tested with PRs 49370, 49481)
client-gen: stop embedding of GroupVersion client intfs
It is undefined (or at least uncontrollable) which methods of the clientset apigroup
interfaces are actually inherited. Moreover, there might be nameconflicts between the
accessors and inherited methods. This PR removes the embedding to make it unambiguous.
```release-note
Enforce explicit references to API group client interfaces in clientsets to avoid ambiguity.
```
Automatic merge from submit-queue
Delete unuse err check
**What this PR does / why we need it**:
err has fatal, this err check can't execute.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
thank you ~
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Fix a bug that --flag=val causes completion error in zsh
**What this PR does / why we need it**:
This PR fixes a bug that flag of syntax like --flag=val causes completion error in zsh.
```
kubectl --namespace=foo g__handle_flag:25: bad math expression: operand expected at end of string
```
This problem is due to [dynamic scope](https://en.wikipedia.org/wiki/Scope_(computer_science)#Dynamic_scoping) of shell variables. If a variable is declared as local to a function, that scope remains until the function returns.
In kubectl completion zsh, `declare -A flaghash` in __start_kubectl() is replaced with `__kubectl_declare -A flaghash` by __kubectl_convert_bash_to_zsh(). As a result of it, flaghash is declared in __kubectl_declare(), and it can not access to flaghash declared in __kubectl_declare() from __handle_flag(). Therefore an error occurs in __handle_flag().
The following is the minimum reproduction code.
```sh
#!/usr/bin/env zsh
set -e
__kubectl_declare() {
builtin declare "$@"
}
__handle_flag() {
local flagname="--namespace="
local flagval="kube-system"
flaghash[${flagname}]=${flagval}
echo "flaghash[${flagname}]=${flaghash[${flagname}]}"
}
__handle_word() {
__handle_flag
}
__start_kubectl() {
__kubectl_declare -A flaghash
__handle_word
}
__start_kubectl
#
# $ zsh reproduction.zsh
# __handle_flag:4: bad math expression: operand expected at end of string
#
# __start_kubectl {
#
# __kubectl_declare {
#
# builtin declare -A flaghash
#
# }
#
# __handle_word {
#
# __handle_flag {
#
# # It is unable to access flaghash declared in __kubectl_declare from here
# flaghash[${flagname}]=${flagval}
#
# }
#
# }
# }
```
The following is the fixed code.
```sh
#!/usr/bin/env zsh
set -e
__handle_flag() {
local flagname="--namespace="
local flagval="kube-system"
flaghash[${flagname}]=${flagval}
echo "flaghash[${flagname}]=${flaghash[${flagname}]}"
}
__handle_word() {
__handle_flag
}
__start_kubectl() {
builtin declare -A flaghash
__handle_word
}
__start_kubectl
#
# $ zsh fixed.zsh
# flaghash[--namespace=]=kube-system
#
# __start_kubectl {
#
# builtin declare -A flaghash
#
# __handle_word {
#
# __handle_flag {
#
# # It is able to access flaghash declared in __start_kubectl from here :)
# flaghash[${flagname}]=${flagval}
#
# }
#
# }
# }
```
https://gist.github.com/superbrothers/0ede4292f6d973f93e54368e227a4902
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
fixeskubernetes/kubectl#42
**Special notes for your reviewer**:
@mengqiy
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Display healthcheck nodeport and other fields in describe service
**What this PR does / why we need it**:
Some fields such as `HealthCheckNodePort` are not displayed currently. This PR fixes it.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Update: found this when tracing #49999
**Special notes for your reviewer**:
/sig cli network
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49855, 49915)
Let controllers ignore initialization timeout when creating pods
Partially address https://github.com/kubernetes/kubernetes/issues/48893#issuecomment-318540129.
This only updates the controllers that create pods with `GenerateName`.
The controllers ignore the timeout error when creating the pods, depending on how the initialization progress:
* If the initialization is successful in less than 5 mins, the controller will observe the creation via the informer. All is good.
* If the initialization fails, server will delete the pod, but the controller won't receive any event. The controller will not create new pod until the Creation expectation expires in 5 min.
* If the initialization takes too long (> 5 mins), the Creation expectation expires and the controller will create extra pods.
I'll send follow-up PRs to fix the latter two cases, e.g., by refactoring the sharedInformer.
Automatic merge from submit-queue
kubeadm: Implementing the kubeconfig phase fully
**What this PR does / why we need it:**
This contains implementation of kubeconfig phases in kubeadm, which is part of the wider effort of implementing phases in kubeadm, previously in alpha stage.
The original proposal for this activity can be found [here](https://github.com/kubernetes/kubeadm/pull/156/files) and related comments.
Kubeadm phase implementation checklist is defined [here](https://github.com/kubernetes/kubeadm/issues/267)
Common implementation guidelines and principles for all phases are defined [here](https://docs.google.com/document/d/1VQMyFIVMfRGQPP3oCUpfjiWtOr3pLxp4g7cP-hXQFXc/edit?usp=sharing)
This PR implements:
- [x] kubeadm phase kubeconfig
- [x] kubeadm phase kubeconfig all
- [x] kubeadm phase kubeconfig admin
- [x] kubeadm phase kubeconfig kubelet
- [x] kubeadm phase kubeconfig scheduler
- [x] kubeadm phase kubeconfig controller-manager
- [x] kubeadm phase kubeconfig user
**Which issue this PR fixes:**
https://github.com/kubernetes/kubeadm/issues/350
**Special notes for your reviewer:**
This PR implements the second phases of kubeadm init; implementation of this PR follow the same approach already used for #48196 (cert phases).
Please note that:
- the API - phase\kubeconfig.go - is now totally free by any UX concerns, and implements only the core logic for kubeconfig generation.
- the UX - cmd\phase\kubeconfig.go - now takes charge of UX commands and kubeadm own's rules for kubeconfig files in /etc/kubernetes folder (e.g. create only if not already exists)
- The PR includes also a fix for a regression on a unit test for phase certs introduced by #48594 and few minor code changes in phase certs introduced to avoid code duplication between the two phases.
Automatic merge from submit-queue
Fix typo in test/images/port-forward-tester/Makefile
**What this PR does / why we need it**: the image build fails due to this typo:
```console
$ make WHAT=port-forward-tester
./image-util.sh build port-forward-tester
Building image for port-forward-tester ARCH: ppc64le...
make[1]: Entering directory '[home]/src/k8s.io/kubernetes/test/images/port-forward-tester'
../image-util.sh bin
../image-util.sh: line 22: $2: unbound variable
```
Images already pushed.
**Release note**:
```release-note
NONE
```
/approve no-issue
/assign @mkumatag
Automatic merge from submit-queue (batch tested with PRs 49805, 50052)
remove the temporary file to make the hyperkube image smaller
Remove the temporary file after apt-get install to make the hyperkube image smaller.
Automatic merge from submit-queue (batch tested with PRs 49805, 50052)
We never want to modify the globally defined SG for ELBs
**What this PR does / why we need it**:
Fixes a bug where creating or updating an ELB will modify a globally defined security group
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#50105
**Special notes for your reviewer**:
**Release note**:
```release-note
fixes a bug around using the Global config ElbSecurityGroup where Kuberentes would modify the passed in Security Group.
```
Automatic merge from submit-queue
fix typos in federation-controller
**What this PR does / why we need it**:
fix some typos in federation-controller.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48532, 50054, 50082)
Refactored the fluentd-es addon
Refactor fluentd-elasticsearch addon:
- Decrease the number of files by moving RBAC-related objects in the same files where they're used
- Move the fluentd configuration out of the image
- Don't use PVC to avoid leaking resources in e2e tests
- Fluentd now ingest docker and kubelet logs that are written to journald
- Disable X-Pack, because it's not free
Fixes https://github.com/kubernetes/kubernetes/issues/41462
Fixes https://github.com/kubernetes/kubernetes/issues/49816
Fixes https://github.com/kubernetes/kubernetes/issues/48973
Fixes https://github.com/kubernetes/kubernetes/issues/49450
@aknuds1 @coffeepac Could you please take a look?
```release-note
Fluentd DaemonSet in the fluentd-elasticsearch addon is configured via ConfigMap and includes journald plugin
Elasticsearch StatefulSet in the fluentd-elasticsearch addon uses local storage instead of PVC by default
```
Automatic merge from submit-queue (batch tested with PRs 48532, 50054, 50082)
Remove [k8s.io] tag and redundant [sig-storage] tags from volume tests
**What this PR does / why we need it**:
Removes redundant tags from storage e2e test names
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#50178
**Release note**:
/release-note-none
Automatic merge from submit-queue (batch tested with PRs 48532, 50054, 50082)
Correcting two spelling mistakes
**What this PR does / why we need it**:
Correcting two spelling mistakes.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
NONE
**Special notes for your reviewer**:
NONE
**Release note**:
NONE
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 47416, 47408, 49697, 49860, 50162)
kubeadm: Replace *clientset.Clientset with clientset.Interface
**What this PR does / why we need it**:
Needed for https://github.com/kubernetes/kubernetes/pull/48899
We should always use `clientset.Interface` instead of `*clientset.Clientset`, for better testability and all the other benefits of using an interface.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
Should be straightforward to merge
**Release note**:
```release-note
NONE
```
@timothysc @dmmcquay @pipejakob
Automatic merge from submit-queue (batch tested with PRs 47416, 47408, 49697, 49860, 50162)
fix error message for cronjob
**What this PR does / why we need it**:
fix error message for cronjob
expected an error would be better than unexpected lack of error.
ref: https://github.com/kubernetes/kubernetes/blob/master/cmd/genutils/genutils_test.go#L33
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 47416, 47408, 49697, 49860, 50162)
add possibility to use multiple floatingip pools in openstack loadbalancer
**What this PR does / why we need it**: Currently only one floating pool is supported in kubernetes openstack cloud provider. It is quite big issue for us, because we want run only single kubernetes cluster, but we want that external and internal services can be used. It means that we need possibility to create services with internal and external pools.
**Which issue this PR fixes**: fixes#49147
**Special notes for your reviewer**: service labels is not maybe correct place to define this floatingpool id. However, I did not find any better place easily. I do not want start modifying service api structure.
**Release note**:
```release-note
Add possibility to use multiple floatingip pools in openstack loadbalancer
```
Example how it works:
```
cat /etc/kubernetes/cloud-config
[Global]
auth-url=https://xxxx
username=xxxx
password=xxxx
region=yyy
tenant-id=b23efb65b1d44b5abd561511f40c565d
domain-name=foobar
[LoadBalancer]
lb-version=v2
subnet-id=aed26269-cd01-4d4e-b0d8-9ec726c4c2ba
lb-method=ROUND_ROBIN
floating-network-id=56e523e7-76cb-477f-80e4-2dc8cf32e3b4
create-monitor=yes
monitor-delay=10s
monitor-timeout=2000s
monitor-max-retries=3
```
```
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: nginx-deployment
spec:
replicas: 1
template:
metadata:
labels:
run: web
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
labels:
run: web-ext
name: web-ext
namespace: default
spec:
selector:
run: web
ports:
- port: 80
name: https
protocol: TCP
targetPort: 80
type: LoadBalancer
---
apiVersion: v1
kind: Service
metadata:
labels:
run: web-int
floatingPool: a2a84887-4915-42bf-aaff-2b76688a4ec7
name: web-int
namespace: default
spec:
selector:
run: web
ports:
- port: 80
name: https
protocol: TCP
targetPort: 80
type: LoadBalancer
```
```
% kubectl create -f example.yaml
deployment "nginx-deployment" created
service "web-ext" created
service "web-int" created
% kubectl get svc -o wide
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kubernetes 10.254.0.1 <none> 443/TCP 2m <none>
web-ext 10.254.23.153 192.168.1.57,193.xx.xxx.xxx 80:30151/TCP 52s run=web
web-int 10.254.128.141 192.168.1.58,10.222.130.80 80:32431/TCP 52s run=web
```
cc @anguslees @k8s-sig-openstack-feature-requests @dims
Automatic merge from submit-queue
simplify if and else for code
Signed-off-by: allencloud <allen.sun@daocloud.io>
**What this PR does / why we need it**:
This PR tries to simplify the code of if and else, and this could make code a little bit cleaner.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
NONE
**Special notes for your reviewer**:
NONE
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Timeout and Max-in-flight don't report non-resource URLs correctly.
Unify error reporting for 429 and 504 to be correct for timeout and max in flight and eviction. Add better messages to eviction (removing a todo). Return the correct body content for timeouts (reason and code should be correct).
This potentially increases cardinality of 429, but because non-api urls may be under the max-inflight budget we need to report them somewhere (if something breaks and starts fetching API versions endlessly).
```release-note
The 504 timeout error was returning a JSON error body that indicated it was a 500. The body contents now correctly report a 500 error.
```
Automatic merge from submit-queue (batch tested with PRs 48487, 49009, 49862, 49843, 49700)
fix swallowed error in kubectl rolling_updater
This fixes a swallowed error in kubectl.
AddDeploymentKeyToReplicationController() is already tested, but there was an error that was not being exposed.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48487, 49009, 49862, 49843, 49700)
add label examples for kubectl run
**What this PR does / why we need it**:
Add `--labels` examples for kubectl run
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
xref #49854
**Special notes for your reviewer**:
/cc @ahmetb
**Release note**:
```release-note
add examples for kubectl run --labels
```
Automatic merge from submit-queue (batch tested with PRs 48487, 49009, 49862, 49843, 49700)
Enable overriding fluentd resources in GCP
**What this PR does / why we need it**: This enables overriding fluentd resources in GCP, when there is a need for custom ones.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
go-client: Use httpcache client for all requests, even though only openapi returns ETags for caching
**What this PR does / why we need it**: Use HTTP ETag for caching Swagger spec download
This also adds a new command-line flag "cachedir" to specify where the cache should keep its file. It defaults to `$HOME/.kube/http-cache`.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: partly #38637
**Special notes for your reviewer**:
Because this adds a bunch of dependencies, and removes a couple of files, I do recommend reading each commit individually.
**Release note**:
```release-note
```
deads2k