Automatic merge from submit-queue
WIP v0 NVIDIA GPU support
```release-note
* Alpha support for scheduling pods on machines with NVIDIA GPUs whose kubelets use the `--experimental-nvidia-gpus` flag, using the alpha.kubernetes.io/nvidia-gpu resource
```
Implements part of #24071 for #23587
I am not familiar with the scheduler enough to know what to do with the scores. Mostly punting for now.
Missing items from the implementation plan: limitranger, rkt support, kubectl
support and docs
cc @erictune @davidopp @dchen1107 @vishh @Hui-Zhi @gopinatht
Automatic merge from submit-queue
Webhook Token Authenticator
Add a webhook token authenticator plugin to allow a remote service to make authentication decisions.
Automatic merge from submit-queue
devel/ tree further minor edits
Address line wrap issue #1488. Also cleans up other minor editing issues in the docs/devel/* tree such as spelling errors, links, content tables...
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
Automatic merge from submit-queue
devel/ tree more minor edits
Address line wrap issue #1488. Also cleans up other minor editing issues in the docs/devel/* tree such as spelling errors, links, content tables...
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
Automatic merge from submit-queue
devel/ tree minor edits
Address line wrap issue #1488. Also cleans up other minor editing issues in the docs/devel/* tree such as spelling errors, links,...
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
Automatic merge from submit-queue
docs: Self-hosted Kubelet proposal
Provides a proposal for changes needed with Kubernetes to allow for a
self-hosted Kubelet bootstrap.
Implements part of #24071
I am not familiar with the scheduler enough to know what to do with the scores. Punting for now.
Missing items from the implementation plan: limitranger, rkt support, kubectl
support and user docs
Automatic merge from submit-queue
Clarify supported version skew between masters, nodes, and clients
Per discussion on #22897.
cc @bgrant0607 @roberthbailey
Automatic merge from submit-queue
Introduce events flag for describers
Printing events for a given object is not always needed. Thus, introducing --show-events=false to ``kubectl describe`` to skip events printing.
Fixes: #24239
Automatic merge from submit-queue
Update adding-an-APIGroup.md for #23110
Change the doc to point at the new conversion/deep-copy binaries instead of the old scripts.
Automatic merge from submit-queue
Reimplement 'pause' in C - smaller footprint all around
Statically links against musl. Size of amd64 binary is 3560 bytes.
I couldn't test the arm binary since I have no hardware to test it on, though I assume we want it to work on a raspberry pi.
This PR also adds the gcc5/musl cross compiling image used to build the binaries.
@thockin
Automatic merge from submit-queue
Add subPath to mount a child dir or file of a volumeMount
Allow users to specify a subPath in Container.volumeMounts so they can use a single volume for many mounts instead of creating many volumes. For instance, a user can now use a single PersistentVolume to store the Mysql database and the document root of an Apache server of a LAMP stack pod by mapping them to different subPaths in this single volume.
Also solves https://github.com/kubernetes/kubernetes/issues/20466.
Automatic merge from submit-queue
Make ThirdPartyResource a root scoped object
ThirdPartyResource (the registration of a third party type) belongs at the cluster scope. It results in resource handlers installed in every namespace, and the same name in two namespaces collides (namespace is ignored when determining group/kind).
ThirdPartyResourceData (an actual instance of that type) is still namespace-scoped.
This PR moves ThirdPartyResource to be a root scope object. Someone previously using ThirdPartyResource definitions in alpha should be able to move them from namespace to root scope like this:
setup (run on 1.2):
```
kubectl create ns ns1
echo '{"kind":"ThirdPartyResource","apiVersion":"extensions/v1beta1","metadata":{"name":"foo.example.com"},"versions":[{"name":"v8"}]}' | kubectl create -f - --namespace=ns1
echo '{"kind":"Foo","apiVersion":"example.com/v8","metadata":{"name":"MyFoo"},"testkey":"testvalue"}' | kubectl create -f - --namespace=ns1
```
export:
```
kubectl get thirdpartyresource --all-namespaces -o yaml > tprs.yaml
```
remove namespaced kind registrations (this shouldn't remove the data of that type, which is another possible issue):
```
kubectl delete -f tprs.yaml
```
... upgrade ...
re-register the custom types at the root scope:
```
kubectl create -f tprs.yaml
```
Additionally, pre-1.3 clients that expect to read/write ThirdPartyResource at a namespace scope will not be compatible with 1.3+ servers, and 1.3+ clients that expect to read/write ThirdPartyResource at a root scope will not be compatible with pre-1.3 servers.
Introduce DescriberSettings for Describer display options
Introduce --show-events flag and DescriberSettings in Describer methods
Introduce unit-tests
Regenerated kubectl describe docs
Add events flag tests to test-cmd.sh
Signed-off-by: dhodovsk@redhat.com
Signed-off-by: jchaloup@redhat.com
Automatic merge from submit-queue
API changes for Cascading deletion
This PR includes the necessary API changes to implement cascading deletion with finalizers as proposed is in #23656. Comments are welcome.
@lavalamp @derekwaynecarr @bgrant0607 @rata @hongchaodeng
The codec factory should support two distinct interfaces - negotiating
for a serializer with a client, vs reading or writing data to a storage
form (etcd, disk, etc). Make the EncodeForVersion and DecodeToVersion
methods only take Encoder and Decoder, and slight refactoring elsewhere.
In the storage factory, use a content type to control what serializer to
pick, and use the universal deserializer. This ensures that storage can
read JSON (which might be from older objects) while only writing
protobuf. Add exceptions for those resources that may not be able to
write to protobuf (specifically third party resources, but potentially
others in the future).
Automatic merge from submit-queue
update kubectl apply help info
Please refer #22342 for more detail. @bgrant0607 ptal. Also I have open a PR to update docs on `kuberntes.github.io`
Automatic merge from submit-queue
kubectl rolling-update support for same image
Fixes#23497.
Enables `kubectl rolling-update --image` to the same image, adding a `--image-pull-policy` flag to remove ambiguity. This allows rolling-update to behave as an "update and/or restart" (https://github.com/kubernetes/kubernetes/issues/23497#issuecomment-212349730), or as a forced update when the same tag can mean multiple versions (e.g. `:latest`). cc @janetkuo @nikhiljindal
Automatic merge from submit-queue
Kubelet pod eviction proposal
The following is a proposal for how the `kubelet` may pro-actively fail a pod in response to local compute resources being starved. The proposal focuses on memory as a first candidate, and defines a `greedy` strategy for reclaiming starved resources on the node since it seemed easiest to describe for operators versus other options and probably satisfies a broad set of use case environments.
Putting this out now for community feedback, but anticipate some more refinement around how we report eviction configuration back to users in the `Node API`.
/cc @bgrant0607 @smarterclayton @vishh @dchen1107 @kubernetes/rh-cluster-infra @kubernetes/goog-node
Automatic merge from submit-queue
Add proposal for kubelet TLS bootstrap
A proposal based on the discussion of issue #18112, to implement a process by which kubelets can obtain TLS certificates in a streamlined manner.
Automatic merge from submit-queue
more explicit requirements for pre-commit hook
I don't know if using the pre-commit hook is still a best-practice, but godep and etcd are requirements for it to succeed.
Automatic merge from submit-queue
Provide flags to use etcd3 backed storage
ref: #24405
What's in this PR?
- Add a new flag "storage-backend" to choose "etcd2" or "etcd3". By default (i.e. empty), it's "etcd2".
- Take out etcd config code into a standalone package and let it create etcd2 or etcd3 storage backend given user input.
Automatic merge from submit-queue
Promote Pod Hostname & Subdomain to fields (were annotations)
Deprecating the podHostName, subdomain and PodHostnames annotations and created corresponding new fields for them on PodSpec and Endpoints types.
Annotation doc: #22564
Annotation code: #20688
Automatic merge from submit-queue
Cleans up line wrap at 80 cols and some minor editing issues
Address line wrap issue #1488. Also cleans up other minor editing issues in the docs/design/* tree such as spelling errors.
Signed-off-by: mikebrow <brownwm@us.ibm.com>
Automatic merge from submit-queue
Update configmap design doc
1. Update ConfigMapSelector -> ConfigMapKeySelector
2. Update apiVersion to v1
3. Fix error validating data: expected type array, for field spec.containers[0].command, got string; if you choose to ignore these errors, turn validation off with --validate=false
Automatic merge from submit-queue
Add flag -t as shorthand for --tty
`-t` was deprecated in #12813 (Aug. 2015, about 6+ months ago).
Now remove `--template`'s shorthand `-t` and create a shorthand `-t` for `--tty` in `kubectl run`.
@kubernetes/kubectl
Automatic merge from submit-queue
Add kubelet flags for eviction threshold configuration
This PR just adds the flags for kubelet eviction and the associated generated code.
I am happy to tweak text, but we can also do that later at this point in the release.
Since this causes codegen, I wanted to stage this first.
/cc @vishh @kubernetes/sig-node
Automatic merge from submit-queue
kubectl: Allow []byte config fields to be set by the cli
Allows []byte config fields such as 'certificate-authority-data' to be set using `kubectl config set` commands.
Automatic merge from submit-queue
Incorrect attribute - docs - pod-security-context
Pod definition had incorrect spelling on attribute `securityContext`
Also fixed the flow of Motivation introduction paragraph.
Automatic merge from submit-queue
updates to vagrant.md
Addresses issue #24259; merges in edits from the now deleted version of vagrant.md from the kubernetes.github.io/docs/getting-started-guides directory see PR
https://github.com/kubernetes/kubernetes.github.io/pull/294
Signed-off-by: mikebrow <brownwm@us.ibm.com>
Automatic merge from submit-queue
Remove requirement that Endpoints IPs be IPv4
Signed-off-by: André Martins <aanm90@gmail.com>
Release Note: The `Endpoints` API object now allows IPv6 addresses to be stored. Other components of the system are not ready for IPv6 yet, and many cloud providers are not IPv6 compatible, but installations that use their own controller logic can now store v6 endpoints.
Automatic merge from submit-queue
Enable protobuf compilation by default
Enables protobuf compilation, build verification checks, and generates all initial code.
kubectl is now 47M on OSX, build time from clean on a 2014 MBP (4 core) on Go 1.6 is ~150s.
@wojtek-t
Automatic merge from submit-queue
Proposal for improving local cluster experience.
This proposal attempts to improve the existing single node, local cluster experience in Kubernetes.
It is **not** a proposal that helps with setting up a multi-node, production cluster.
cc @dlorenc @ethernetdan @runseb @mfburnett @bgrant0607 @pwittrock
Automatic merge from submit-queue
Clarify api-group docs by a tiny bit.
I realize this area is in flux and the doc is out of date, but it's strictly better with this update than without?
Automatic merge from submit-queue
Make etcd cache size configurable
Instead of the prior 50K limit, allow users to specify a more sensible size for their cluster.
I'm not sure what a sensible default is here. I'm still experimenting on my own clusters. 50 gives me a 270MB max footprint. 50K caused my apiserver to run out of memory as it exceeded >2GB. I believe that number is far too large for most people's use cases.
There are some other fundamental issues that I'm not addressing here:
- Old etcd items are cached and potentially never removed (it stores using modifiedIndex, and doesn't remove the old object when it gets updated)
- Cache isn't LRU, so there's no guarantee the cache remains hot. This makes its performance difficult to predict. More of an issue with a smaller cache size.
- 1.2 etcd entries seem to have a larger memory footprint (I never had an issue in 1.1, even though this cache existed there). I suspect that's due to image lists on the node status.
This is provided as a fix for #23323
Automatic merge from submit-queue
Flexvolume: Add support for multiple secrets
This PR adds support to pass multiple secrets for flexvolume plugins.
To allow multiple secrets, secrets are now passed as:
"kubernetes.io/secret/id-rsa":"value-2\r\n\r\n","kubernetes.io/secret/id-rsa.pub":"value-1\r\n"
Automatic merge from submit-queue
Additional go vet fixes
Mostly:
- pass lock by value
- bad syntax for struct tag value
- example functions not formatted properly
Automatic merge from submit-queue
Minor doc edits to development.md
Noted a few small clarity issues going through the development guide and while it mentioned local builds, it was missing instructions for building on a local go developer environment.
Signed-off-by: mikebrow <brownwm@us.ibm.com>
Automatic merge from submit-queue
Sync up all release note related docs with the latest process/procedures
@eparis we also need to get the munger in line with the latest. I think we've stopped making changes at this point. #23743 is coming up but is an enhancement to the base procedures here.
cc @bgrant0607
Automatic merge from submit-queue
Add some info about binary downloads
This should be merged before `v1.2`. Useful information.
WDYT?
@wojtek-t @fgrzadkowski @zmerlynn @mikedanese @brendandburns @thockin
Automatic merge from submit-queue
Up to golang 1.6
A second attempt to upgrade go version above `go1.4`
Merge ASAP after you've cut the `release-1.2` branch and feel ready.
`go1.6` should perform slightly better than `go1.5`, so this time it might work
@gmarek @wojtek-t @zmerlynn @mikedanese @brendandburns @ixdy @thockin
Automatic merge from submit-queue
Move typed clients into clientset folder
Move typed clients from `pkg/client/typed/` to `pkg/client/clientset_generated/${clientset_name}/typed`.
The first commit changes the client-gen, the last commit updates the doc, other commits are just moving things around.
@lavalamp @krousey
Automatic merge from submit-queue
minor edits to testing guide
Noted a few small issues going through the getting started testing guide.
Cheers, Mike
Signed-off-by: mikebrow <brownwm@us.ibm.com>
Sync the examples with the scripts usage so we don't need to update this
doc with every new branch.
Supporting updates to docs/devel/pull-requests.md#release-notes.
Automatic merge from submit-queue
Add support for 3rd party objects to kubectl
@deads2k @jlowdermilk
Instructions for playing around with this:
Run an apiserver with third party resources turned on (`--runtime-config=extensions/v1beta1=true,extensions/v1beta1/thirdpartyresources=true`)
Then you should be able to:
```
kubectl create -f rsrc.json
```
```json
{
"metadata": {
"name": "foo.company.com"
},
"apiVersion": "extensions/v1beta1",
"kind": "ThirdPartyResource",
"versions": [
{
"apiGroup": "group",
"name": "v1"
},
{
"apiGroup": "group",
"name": "v2"
}
]
}
```
Once that is done, you should be able to:
```
curl http://<server>/apis/company.com/v1/foos
```
```
curl -X POST -d @${HOME}/foo.json http://localhost:8080/apis/company.com/v1/namespaces/default/foos
```
```json
{
"kind": "Foo",
"apiVersion": "company.com/v1",
"metadata": {
"name": "baz"
},
"someField": "hello world",
"otherField": 1
}
```
After this PR, you can do:
```
kubectl create -f foo.json
```
```
kubectl get foos
```
etc.
Automatic merge from submit-queue
rkt: bump rkt version to 1.2.1
Upon bumping the rkt version, `--hostname` is supported. Also we now gets the configs from the rkt api service, so `stage1-image` is deprecated.
cc @yujuhong @Random-Liu
Automatic merge from submit-queue
allow kubectl cmds to process files recursively, when given a dir
This PR accomplishes two things:
1. It creates a `--recursive` flag for use with certain `kubectl` commands that _currently_ do not process files beyond their first level of children, as seen in the issue https://github.com/kubernetes/kubernetes/issues/19767
2. It enables the ability to use the `--recursive` flag in the `kubectl` commands that currently _only_ support processing a directory up to its first level of children.
reqs:
- the kubectl cmd must support the -f | --filename flag
- the kubectl cmd must support visiting a dir one level deep,
or using more than one resource
derekwaynecarr
