Automatic merge from submit-queue
Fix comment of request.go
**What this PR does / why we need it**:
Fix comment of request.go
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
client-gen: don't ignore nil clientsets
Closes https://github.com/kubernetes/client-go/issues/240
When a clientset is nil, fail fast instead of returning a nil value as an interface.
/cc @kubernetes/sig-api-machinery-pr-reviews
Automatic merge from submit-queue (batch tested with PRs 49916, 50050)
GCE: Fix bug by correctly cast port to string
Code is incorrectly casting a port to a string, causing the diff-expression to always return true.
**What this PR does / why we need it**:
Fixes#50049
**Special notes for your reviewer**:
/assign @MrHohn
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49916, 50050)
Update images used in the node e2e benchmark tests
Ref: https://github.com/kubernetes/kubernetes/issues/42926
- Update the cosbeta image since the new version contains a 'du' command fix that affects Docker performance.
- Add the coreos and ubuntu image that run Docker 1.12.6 so that we will have more data to compare.
**Release note**:
```
None
```
Automatic merge from submit-queue (batch tested with PRs 48365, 49902, 49808, 48722, 47045)
Improve shared informer notification dispatching
**What this PR does / why we need it**:
Locks and channels don't play well together. This is an attempt to remove locks and only use channels in shared informer. It looks much cleaner to me.
**Release note**:
```release-note
NONE
```
@deads2k @ncdc
Automatic merge from submit-queue (batch tested with PRs 48365, 49902, 49808, 48722, 47045)
Upgrade fluentd-elasticsearch addon to Elasticsearch/Kibana 5.5
This is a patch to upgrade the fluentd-elasticsearch addon to Elasticsearch/Kibana 5.5. Please provide feedback!
```release-notes
* Upgrade Elasticsearch/Kibana to 5.5.1 in fluentd-elasticsearch addon
* Switch to basing our image of Elasticsearch in fluentd-elasticsearch addon off the official one
* Switch to the official image of Kibana in fluentd-elasticsearch addon
* Use StatefulSet for Elasticsearch instead of ReplicationController, with persistent volume claims
* Require authenticating towards Elasticsearch, as Elasticsearch 5.5 by default requires basic authentication
```
Automatic merge from submit-queue (batch tested with PRs 48365, 49902, 49808, 48722, 47045)
Add admission controller API to runtime config and externalize ADMISSION_CONTROL
**What this PR does / why we need it**:
Enable the dynamic admission controller registration API by
adding "admissionregistration.k8s.io/v1alpha1" to --runtime-config
to fix problems when starting up local-up-cluster. Also make sure
ADMISSION_CONTROL can be specified externally.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Fixes#47385
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48365, 49902, 49808, 48722, 47045)
Allow update to GC fields for RBAC resources
This change makes it so that no escalation check is performed when updating only the garbage collector fields (owner references and finalizers) of RBAC resources. This allows the garbage collector to delete roles that grant permissions such as "create", which it will never have.
Signed-off-by: Monis Khan <mkhan@redhat.com>
@kubernetes/sig-auth-api-reviews
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48365, 49902, 49808, 48722, 47045)
Rebase hyperkube image on debian-hyperkube-base, based on debian-base.
**What this PR does / why we need it**: saves all of the hyperkube image dependencies in a cacheable base image, rather than downloading them for every build (which is slow and flaky).
This way, at build time, we only need to pull down the hyperkube base image and add the hyperkube binary.
I've additionally based the base image on `debian-base` instead of `debian`, though we amusing end up reinstalling a bunch of the things we removed in `debian-base`.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#35058, at least partially
**Special notes for your reviewer**: I'm increasingly convinced that the hyperkube image is a bad pattern, as this image carries the superset of dependencies anyone might need, rather than the limited set of dependencies one needs. hyperkube really needs a proper owner.
**Release note**:
```release-note
```
/assign @timstclair @luxas @philips @nikhiljindal
cc @kubernetes/sig-release-pr-reviews
Automatic merge from submit-queue
remove dead log handler and increase verbosity
We had a handler that no one was using and this bumps the verbosity slightly (2->3) to reduce noise at 2.
Automatic merge from submit-queue (batch tested with PRs 50000, 49954, 49943, 50018, 49607)
change apps/v1beta2 StatefulSet observedGeneration from a pointer to an int for consistency
**What this PR does / why we need it**:
change the StatefulSet observedGeneration from a pointer to an int for consistency
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49623
xref #49135
**Special notes for your reviewer**:
/cc @janetkuo @foxish @kow3ns
**Release note**:
```release-note
change apps/v1beta2 StatefulSet observedGeneration (optional field) from a pointer to an int for consistency
```
Automatic merge from submit-queue (batch tested with PRs 50000, 49954, 49943, 50018, 49607)
Remove extraneous white space
**What this PR does / why we need it**:
Output from command `kubectl delete --help` contains extraneous whitespace. While we are at it, paragraph in multi-paragraph section has shorter line lengths, text looks better if all paragraphs have similar line lengths.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
White space only. This PR is outward facing but so trivial I don't think it needs a release note. I'm new around here, if this assumption is incorrect please tell me. Thanks.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 50000, 49954, 49943, 50018, 49607)
Add [sig-autoscaling] prefix to autoscaling e2e tests
**What this PR does / why we need it**:
Add [sig-autoscaling] prefix to autoscaling e2e tests
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Umbrella issue #49161
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 50000, 49954, 49943, 50018, 49607)
Update the DeleteReplicaSet in rs_util.go to use server side reaper
**What this PR does / why we need it**:
fix#47832
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#47832
**Special notes for your reviewer**:
**Release note**:
```
None
```
Automatic merge from submit-queue (batch tested with PRs 50000, 49954, 49943, 50018, 49607)
Add [sig-scalability] prefix to scalability e2e tests
**What this PR does / why we need it**:
Add [sig-scalability] prefix to scalability e2e tests
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Umbrella issue #49161
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49237, 49656, 49980, 49841, 49899)
certificate manager: close existing client conns once cert rotates
After the kubelet rotates its client cert, it will keep connections to the API server open indefinitely, causing it to use its old credentials instead of the new certs. Because the API server authenticates client certs at the time of the request, and not the handshake, this could cause the kubelet to start hitting auth failures even if it rotated its certificate to a new, valid one.
When the kubelet rotates its cert, close down existing connections to force a new TLS handshake.
Ref https://github.com/kubernetes/features/issues/266
Updates https://github.com/kubernetes-incubator/bootkube/pull/663
```release-note
After a kubelet rotates its client cert, it now closes its connections to the API server to force a handshake using the new cert. Previously, the kubelet could keep its existing connection open, even if the cert used for that connection was expired and rejected by the API server.
```
/cc @kubernetes/sig-auth-bugs
/assign @jcbsmpsn @mikedanese
Automatic merge from submit-queue (batch tested with PRs 49237, 49656, 49980, 49841, 49899)
[Bug Fix] Set NodeOODCondition to false
fixes#49839, which was introduced by #48846
This PR makes the kubelet set NodeOODCondition to false, so that the scheduler and other controllers do not consider the node to be unschedulable.
/assign @vishh
/sig node
/release-note-none
Automatic merge from submit-queue (batch tested with PRs 49237, 49656, 49980, 49841, 49899)
GC shouldn't send empty patch
The scope of the `if` statement was wrong, causing GC to sometimes send empty patch.
Found this bug while investigating https://github.com/kubernetes/kubernetes/issues/49966.
Automatic merge from submit-queue (batch tested with PRs 49237, 49656, 49980, 49841, 49899)
make admission tolerate object without objectmeta for errors
Not all object have ObjectMeta (see SARs for instance). Admission should tolerate this condition without giving meaningless errors.
@derekwaynecarr ptal
@php-coder fyi
Automatic merge from submit-queue (batch tested with PRs 49989, 49806, 49649, 49412, 49512)
This adds an etcd health check endpoint to kube-apiserver
addressing https://github.com/kubernetes/kubernetes/issues/48215.
**What this PR does / why we need it**:
This ensures kube-apiserver `/healthz` endpoint fails whenever connectivity cannot be established to etcd, also ensures the etcd preflight checks works with unix sockets
**Which issue this PR fixes**: fixes#48215
**Special notes for your reviewer**:
This PR does not use the etcd client directly as the client object is wrapped behind the storage interface and not exposed directly for use, so I decided to reuse what's being done in the preflight. So this will only check fail for connectivity and not etcd auth related problems. I did not write tests for the endpoint because I couldn't find examples that I could follow for writing tests for healthz related endpoints, I'll be willing to write those tests if someone can point me at a relevant one.
**Release note**:
```release-note
Add etcd connectivity endpoint to healthz
```
@deads2k please help review, thanks!
Automatic merge from submit-queue (batch tested with PRs 49989, 49806, 49649, 49412, 49512)
Use existing k8s binaries and images on disk when they are preloaded to gce cos image.
**What this PR does / why we need it**:
This change is to accelerate K8S startup time on gce when k8s tarballs and images are already preloaded in VM image, by skipping the downloading, extracting and file transfer steps.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49989, 49806, 49649, 49412, 49512)
Update repo-infra and rules_go Bazel workspace dependencies
**What this PR does / why we need it**: bumping the `repo-infra` dependency gets us https://github.com/kubernetes/repo-infra/pull/25, which hopefully fixes the `gsutil -m rsync` flakiness in the `pull-kubernetes-e2e-gce-bazel` job, and https://github.com/kubernetes/repo-infra/pull/26, which lets us bump the `rules_go` dependency.
Bumping the `rules_go` dependency fixes the build on bazel 0.5.3+, gives us race detector support, and probably a bunch of other features, too. It's also a prerequisite for switching to gazelle (#47558).
**Release note**:
```release-note
NONE
```
/assign @spxtr @mikedanese
Automatic merge from submit-queue
Log abridged set of rules at v2 in kube-proxy on error
**What this PR does / why we need it**:
this is a follow-on to https://github.com/kubernetes/kubernetes/pull/48085
**Special notes for your reviewer**:
we hit this in operations where we typically run in v2, and would like to log abridged set of output rather than full output.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Add ubuntu to gluster and nfs tests
**What this PR does / why we need it**:
Enable gluster and nfs tests for ubuntu distro
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#50039
**Special notes for your reviewer**:
**Release note**:
/release-note-none
/sig storage
Automatic merge from submit-queue
cleanup dead installer code
cleans up some installer code that was dead and reorders a little of the flow to reduce complexity.
@kubernetes/sig-api-machinery-misc
Automatic merge from submit-queue (batch tested with PRs 50029, 48517, 49739, 49866, 49782)
Update generated deepcopy code
**What this PR does / why we need it**:
In generated deepcopy code, the method names in comments do not match the real method names.
**Which issue this PR fixes**: fixes#49755
**Special notes for your reviewer**:
/assign @sttts @caesarxuchao
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 50029, 48517, 49739, 49866, 49782)
fix spelling
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 50029, 48517, 49739, 49866, 49782)
Pod affinity test clean up as AffinitInAnnotation is removed.
**What this PR does / why we need it**:
These tests are already covered under "empty topologyKey" pod affinity test cases.
These test cases were added only to test the scenario when the AffinitInAnnotation
feature was disabled. Since AffinitInAnnotation is removed now, these test cases are
no longer needed as they are duplicate now.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
@kubernetes/sig-scheduling-misc @bsalamat
Automatic merge from submit-queue (batch tested with PRs 50029, 48517, 49739, 49866, 49782)
iptables_test should not run on OSX or Windows
**What this PR does / why we need it**:
Fix for failing tests. Let's just skip these on darwin and windows
platforms as iptables is not available on these.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Fixes#48509
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Add cblecker to hack/ owners
This PR adds myself to the approvers list for `hack/`. I've been helping do a bunch of improvements here over the past few months, and want to continue doing so.
I solemnly promise to use approval powers for good, and only approve things that I know are safe and within my area of expertise!
```release-note
NONE
```
/cc @ixdy @sttts @fejta @spxtr
Automatic merge from submit-queue (batch tested with PRs 49990, 49997, 44278, 49936, 49891)
adds an admission plugin to the sample apiserver.
**What this PR does / why we need it**:
adds an admission plugin to the sample apiserver.
the admission plugin checks whether `Flunder.Name` is not on the banned list.
including a unit test with various test scenarios.
**Special notes for your reviewer**:
https://github.com/kubernetes/kubernetes/issues/47868
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49990, 49997, 44278, 49936, 49891)
Allow mode in e2e-framework to gather metrics only from master
This should enable getting metrics for our 5k-node clusters.
cc @kubernetes/sig-scalability-misc @gmarek
Automatic merge from submit-queue (batch tested with PRs 49990, 49997, 44278, 49936, 49891)
Move ResourceQuota plugin at the end of the admission plugin chain.
@liggitt @derekwaynecarr
Automatic merge from submit-queue
Update submit-queue URL in README.md
**What this PR does / why we need it**:
- Updates the submit-queue URL in README.md from `e2e` to `ci` to match upstream changes.
- NOTE: The existing URL works for now because submit-queue is a single page app and we route to the same tab for both URLs client-side, but this is the correct URL now.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
- N/A
**Special notes for your reviewer**:
- [kubernetes-dev update](https://groups.google.com/forum/#!topic/kubernetes-dev/z3S47Zsq53Y)
- [test-infra PR with changes to submit-queue]( https://github.com/kubernetes/test-infra/pull/3765)
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
fix sample-apiserver apiservice.yaml to add groupPriorityMinimum
fix sample-apiserver apiservice.yaml example to add groupPriorityMinimum and versionPriority, which is added in v1.7
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Kubernetes Submit Queue