Automatic merge from submit-queue
Add e2e tests for eviction subresource.
This branch includes changes pending in both #31638 and #31721. I will rebase
once those merge.
Automatic merge from submit-queue
fix log message to include ds name
The pod name is never set because newPod is created a couple lines up without a name. Instead log the name and namespace of the ds which the pod is created from.
also bump the log level because reasons loop get's hit fairly often and does not indicate a bug.
Automatic merge from submit-queue
Sleep between NodeStatus update retries
Just a thing I found when looking into other problems.
This is pretty much no-risk change fixing wrong behavior. Do you think it should go in 1.4? @pwittrock
Automatic merge from submit-queue
Fix errors.NewAggregate nil pointer panic
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**:
Consider the following code block,
```
err := myfunc()
agg := errors.NewAggregate([]error{err})
fmt.Println("aggregate error is %v", agg)
```
If the `err` is **nil**, then it will cause a panic:
```
panic: runtime error: invalid memory address or nil pointer dereference [recovered]
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xc0000005 code=0x0 addr=0x20 pc=0x481a61]
goroutine 6 [running]:
panic(0x5769c0, 0xc082002090)
C:/Go/src/runtime/panic.go:464 +0x3f4
testing.tRunner.func1(0xc082074090)
C:/Go/src/testing/testing.go:467 +0x199
panic(0x5769c0, 0xc082002090)
C:/Go/src/runtime/panic.go:426 +0x4f7
k8s.io/kubernetes/pkg/util/errors.aggregate.Error(0xc082002590, 0x1, 0x1, 0x0, 0x0)
D:/goproject/community/src/k8s.io/kubernetes/pkg/util/errors/errors.go:71 +0x91
k8s.io/kubernetes/pkg/util/errors.(*aggregate).Error(0xc08200c7e0, 0x0, 0x0)
<autogenerated>:1 +0xb4
k8s.io/kubernetes/pkg/util/errors.TestAggregateWithNil(0xc082074090)
D:/goproject/community/src/k8s.io/kubernetes/pkg/util/errors/errors_test.go:70 +0x402
testing.tRunner(0xc082074090, 0x67cdb8)
C:/Go/src/testing/testing.go:473 +0x9f
created by testing.RunTests
C:/Go/src/testing/testing.go:582 +0x899
exit status 2
```
The root cause is that [aggregate.Error()](https://github.com/kubernetes/kubernetes/blob/master/pkg/util/errors/errors.go#L47) doesn't check if error list contains nil.
We can blame the user didn't check if `err` is nil before passing it to
```
errors.NewAggregate([]error{err})
```
but I think we can check again inside in case of user forget to check outside.
Node controller's internalPodInformer will block main thread
if it is not started as a go routine. This patch fixed this
by runing internalPodInformer as a go routine.
Automatic merge from submit-queue
add deploy for deployment in kubectl set image help text
add shorthand deploy for deployment in kubectl set image help text
Automatic merge from submit-queue
change annotate_resources to valid_resources
annotate_resources missing some resources such as deployment, namespace.
i think using valid_resources to replace annotate_resources more suitable.
Automatic merge from submit-queue
kubectl edit: Do not add warning header if ftype is json.
This PR blocks adding warning header if `kubectl edit` is used with `-o json` option.
Fixed header contains comment (what is not supported by json standard) what can break utilities which are using libraries that conforms with http://www.ietf.org/rfc/rfc7159.txtfixes#29524
/cc @pwittrock
```release-note
Removed comments in json config when using kubectl edit with -o json
```
Automatic merge from submit-queue
Make a vSphere cluster the failure_zone
vSphere cloud provider returns the FailureZone as Cluster, if the VM belongs to a ResourcePool under a Cluster.
fixes: #30933
* Currently the vSphere cloud provider treats Datacenter as the failure
Zone. This doesn't necessarily work since in the current implemention
Kubernetes nodes cannot span Datacenters.
* This change introduces Clusters as the failure zone, while treating
Datacenters as Regions
* Also updated tests for Zones
Automatic merge from submit-queue
Fix named pipe in kubectl zsh completion
This PR fixes#28049
Though my zsh version > 5.0, I still got the problem. So, I think we need this fix.
---
### Env
```
OS: Ubuntu 14.04
$ zsh --version
zsh 5.0.2 (x86_64-pc-linux-gnu)
```
### A simple DEMO to show the root cause
In zsh and bash, a multi-line named pipe, who is wrapped by parenthesis, is possible to mismatch the "right parenthesis", even that parenthesis is in a here-document.
The following script was going to use `sed` to print the text in the 'BASH_COMPLETION_EOF' here-document.
> * I made the `sed` simpler. As you can see, `sed` actually does nothing here. It just prints what it gets from `<<`). In real [`pkg/kubectl/cmd/completion.go`](https://github.com/kubernetes/kubernetes/blob/v1.3.5/pkg/kubectl/cmd/completion.go#L246-L258), `sed` will do some text replacement, changing bash functions to zsh functions. But that is not the point of the problem.
> * I use `cat <(...)` to replace the `source <(...)`.
> In this way, we can see how named pipe works.
run-bad.zsh:
```bash
#!/usr/bin/zsh
cat <(sed -e 's/foo/bar/g' <<'BASH_COMPLETION_EOF'
aaa='aaa'
case aaa in
'aaa') # <- This ')' is in a here-document, but it is handled by named pipe by mistake.
echo 'yes'
;;
esac
BASH_COMPLETION_EOF
)
```
> Output:
> ```
> ./run-bad.zsh
> aaa='aaa'
> case aaa in
> 'aaa'yes <- You can see the here-document `echo yes` has been executed!!!
> ./run-bad.zsh:8: parse error near `;;'
> ```
The named pipe `<(sed ...` "eats" the `)`, which should belong to `case aaa in 'aaa')`. So that the named pipe ends earlier than expectation. The left zsh code is broken, it fails.
### Here's the fix
Move the code into a function, and use an inline named pipe.
run.zsh:
```bash
#!/usr/bin/zsh
print_sed_result() {
sed -e 's/foo/bar/g' <<'BASH_COMPLETION_EOF'
aaa='aaa'
case aaa in
'aaa')
echo 'yes'
;;
esac
BASH_COMPLETION_EOF
}
cat <(print_sed_result) # <- Use an inline named pipe
```
> Output:
> ```
> ./run.zsh > stack@docker-dev01
> aaa='aaa'
> case aaa in
> 'aaa')
> echo 'yes'
> ;;
> esac
> ```
Now, the here-document and named pipe work correctly.
Automatic merge from submit-queue
Make @rootfs the assignee for various volumes
This, combined with the '/lgtm' capability of reviewers means you can approve
PRs. @rootfs - I assume you're OK with this?
Automatic merge from submit-queue
Typos and englishify pkg/cloudprovider + pkg/dns + pkg/kubectl
**What this PR does / why we need it**: Just fixed some typos + "englishify" in pkg/cloudprovider + pkg/dns + pkg/kubectl
**Which issue this PR fixes** : None
**Special notes for your reviewer**: It's just fixes typos
**Release note**: `NONE`
Automatic merge from submit-queue
kubelet_test.go: use assertions
Switch most of the tests in this file to using the assert library
(`github.com/stretchr/testify/assert`) in the tests for better readability and
less code in general.
Automatic merge from submit-queue
retry oauth token fetch in gce cloudprovider
Fixes https://github.com/kubernetes/kubernetes/issues/31560
The oauth client fetches a token on the initial request of that client. Let's warm the cache.
cc @goltermann @lavalamp
Automatic merge from submit-queue
Fix PSP update validation
Issues fixed:
- apparmor annotations were not being validated
- sysctl annotations were not being validated
- `ValidateObjectMetaUpdate` parameters were reversed
/cc @sttts
---
1.4 justification:
- Risk: If I did something wrong, valid updates could be rejected or invalid updates accepted.
- Rollback: Nothing should depend on this behavior
- Cost: As it stands, the PSP can be updated to an invalid state. The cost of this is relatively low, but a bad user experience.
Automatic merge from submit-queue
Fix PSP volumes error message
Was:
```
Error from server: error when creating "pause-pod.yaml": pods "pause" is forbidden: unable to validate against any pod security policy: [spec.containers[0].securityContext.volumes[0]: Invalid value: "secret": secret volumes are not allowed to be used]
```
Now:
```
Error from server: error when creating "pause-pod.yaml": pods "pause" is forbidden: unable to validate against any pod security policy: [spec.volumes[0]: Invalid value: "secret": secret volumes are not allowed to be used]
```
Also, only perform the validation once (by moving it from `ValidateContainerSecurityContext` to `ValidatePodSecurityContext`).
---
1.4 Justification:
- Risk: low, this is just altering an error message
- Rollback: nothing should depend on this functionality
- Cost: the old error message didn't make any sense (there are no volumes on a container SecurityContext). This is fixing a bug.
Automatic merge from submit-queue
Added printing of clarification for `object creation` request in case of object is in the process of graceful deletion
## **Output example:**
### # kubectl create -f ./pod.yaml
`pod "test-pod" created`
### # kubectl create -f ./pod.yaml
`Error from server: error when creating "../simplePod.yaml": pods "test-pod" already exists`
### # kubectl delete pods/test-pod
`pod "test-pod" deleted`
### # kubectl create -f ./pod.yaml
`Error from server: error when creating "../simplePod.yaml": object is being deleted: pods "test-pod" already exists`
Automatic merge from submit-queue
[GarbageCollector] GC retries failed garbage collection
The code was buried in #30483, which we decided to put off to 1.5.
Ryan Hitchman