1. 27 Feb, 2017 6 commits
  2. 26 Feb, 2017 34 commits
    • Kubernetes Submit Queue's avatar
      Merge pull request #41877 from bruceauyeung/k8s-branch-preflight-check-etcd-version · e4c545a8
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41954, 40528, 41875, 41165, 41877)
      
      preflight check external etcd version when kubeadm init
      
      **What this PR does / why we need it**:
      1. preflight check if verson of external etcd server meets the demand of kubeadm, currently requires >= 3.0.14
      2. support mixed http endpoints and https endpoints
      
      **Which issue this PR fixes** : fixes  https://github.com/kubernetes/kubeadm/issues/174
      
      **Special notes for your reviewer**:
      i have tested against single endpoint including http etcd server , https etcd server,  but multiple endpoints not tested yet. i'll do it tomorrow
      e4c545a8
    • Kubernetes Submit Queue's avatar
      Merge pull request #41165 from nikhiljindal/del202 · 945b041f
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41954, 40528, 41875, 41165, 41877)
      
      Updating apiserver to return 202 when resource is being deleted asynchronously via cascading deletion
      
      As per https://github.com/kubernetes/kubernetes/issues/33196#issuecomment-278440622.
      
      cc @kubernetes/sig-api-machinery-pr-reviews @smarterclayton @caesarxuchao @bgrant0607 @kubernetes/api-reviewers 
      
      ```release-note
      Updating apiserver to return http status code 202 for a delete request when the resource is not immediately deleted because of user requesting cascading deletion using DeleteOptions.OrphanDependents=false.
      ```
      945b041f
    • Kubernetes Submit Queue's avatar
      Merge pull request #41875 from wanghaoran1988/fix_issue · 18fe5926
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41954, 40528, 41875, 41165, 41877)
      
      Move the scheduler Fake* to testing folder
      
      Address this issue: https://github.com/kubernetes/kubernetes/issues/41662
      @timothysc I moved the interface to the types.go, and the Fake* to the testing package, not sure whether you like or not.
      18fe5926
    • Kubernetes Submit Queue's avatar
      Merge pull request #40528 from shashidharatd/kubefed-2 · 26760802
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41954, 40528, 41875, 41165, 41877)
      
      [Federation][kubefed] Support configuring dns-provider
      
      **What this PR does / why we need it**:
      Some environments might need to configure the dns-provider using custom configurations for deploying federation control plane. This PR will facilitate such scenarios. please refer to #40620 
      
      Now we can pass dns provider configuration using `dns-provider-config` flag to `kubefed init`
      
      **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #40620
      
      **Release note**:
      
      ```
      [Federation] Introduced a new flag --dns-provider-config to kubefed to configure dns provider via a config file in local file system.
      ```
      
      cc @kubernetes/sig-federation-misc @madhusudancs @irfanurrehman @marun
      26760802
    • Kubernetes Submit Queue's avatar
      Merge pull request #41954 from smarterclayton/bump_ginkgo · 1fd3eb34
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue
      
      bump(github.com/onsi/gingko):bb93381d543b0e5725244abe752214a110791d01
      
      Adds support for extracting stdout and stderr from failed tests runs
      into junit, which makes junit more effective for debugging failures.
      
      After this I'll submit a change to gubernator to show the stdout/stderr
      1fd3eb34
    • Kubernetes Submit Queue's avatar
      Merge pull request #41562 from alejandroEsc/ae/test/check · e2b72388
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41701, 41818, 41897, 41119, 41562)
      
      Updated configmap_controller_test.go
      
      **What this PR does / why we need it**: A few style decisions to make this test a bit harder to break. Including a fix to help it fail and not panic when channel produces a nil.
      
      **Release note**:
      
      ```
      NONE
      ```
      e2b72388
    • Kubernetes Submit Queue's avatar
      Merge pull request #41119 from sarat-k/master · 11b9a2d0
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41701, 41818, 41897, 41119, 41562)
      
      Optimization of on-wire information sent to scheduler extender interfaces that are stateful
      
      The changes are to address the issue described in https://github.com/kubernetes/kubernetes/issues/40991
      
      ```release-note
      Added support to minimize sending verbose node information to scheduler extender by sending only node names and expecting extenders to cache the rest of the node information
      ```
      
      cc @ravigadde
      11b9a2d0
    • Kubernetes Submit Queue's avatar
      Merge pull request #41897 from luxas/kubeadm_secure_controlplane · b2765427
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41701, 41818, 41897, 41119, 41562)
      
      kubeadm: Secure the control plane communication and add the kubeconfig phase command
      
      **What this PR does / why we need it**:
      
      This generates kubeconfig files for the controller-manager and the scheduler, ref: https://github.com/kubernetes/kubeadm/issues/172
      
      The second commit adds the `kubeadm alpha phase kubeconfig` command as described in the design doc: https://github.com/kubernetes/kubeadm/pull/156
      
      **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
      
      **Special notes for your reviewer**:
      
      @dmmcquay What kind of tests would you like for the kubeconfig phase command?
      
      **Release note**:
      
      ```release-note
      ```
      @jbeda @mikedanese @dmmcquay @pires @liggitt @deads2k @errordeveloper
      b2765427
    • Kubernetes Submit Queue's avatar
      Merge pull request #41818 from aveshagarwal/master-taints-tolerations-api-fields-pod-spec-updates · 1359ffc5
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41701, 41818, 41897, 41119, 41562)
      
      Allow updates to pod tolerations.
      
      Opening this PR to continue discussion for pod spec tolerations updates when a pod has been scheduled already. This PR is built on top of https://github.com/kubernetes/kubernetes/pull/38957.
      
      @kubernetes/sig-scheduling-pr-reviews @liggitt @davidopp @derekwaynecarr @kubernetes/rh-cluster-infra
      1359ffc5
    • Kubernetes Submit Queue's avatar
      Merge pull request #41701 from vishh/evict-non-static-critical-pods · a8b629d4
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue
      
      Admit critical pods under resource pressure
      
      And evict critical pods that are not static.
      
      Depends on #40952.
      
      For #40573
      a8b629d4
    • Kubernetes Submit Queue's avatar
      Merge pull request #40576 from nikhiljindal/kubectlcascDel · 0bc16d89
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41994, 41969, 41997, 40952, 40576)
      
      Updating kubectl to send delete requests with orphanDependents=false if --cascade is true
      
      Ref https://github.com/kubernetes/kubernetes/issues/40568 #38897
      
      Updating kubectl to always set `DeleteOptions.orphanDependents=false` when deleting a resource with `--cascade=true`.
      This is primarily for federation where we want to use server side cascading deletion.
      
      Impact on kubernetes: kubectl will do another GET after sending a DELETE and wait till the resource is actually deleted. This can have an impact if the resource has a finalizer. kubectl will wait till the finalizer is removed and then the resource is deleted, which is the right thing to do but a notable change in behavior.
      
      cc @caesarxuchao @lavalamp @smarterclayton @kubernetes/sig-federation-pr-reviews @kubernetes/sig-cli-pr-reviews
      0bc16d89
    • Kubernetes Submit Queue's avatar
      Merge pull request #40952 from dashpole/premption · 16f87fe7
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41994, 41969, 41997, 40952, 40576)
      
      Guaranteed admission for Critical Pods
      
      This is the first step in implementing node-level preemption for critical pods.
      It defines the AdmissionFailureHandler interface, which allows callers, like the kubelet, to define how failed predicates are handled, and take steps to correct failures if necessary.
      In the kubelet's implementation, it triggers preemption if the pod being admitted is critical, and if the only failed predicates are InsufficientResourceErrors, then it prempts (not yet implemented) other other pods to allow admission of the critical pod.
      
      cc: @vishh
      16f87fe7
    • Kubernetes Submit Queue's avatar
      Merge pull request #41997 from dashpole/inode_test_post_monitoring · d3eac09c
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41994, 41969, 41997, 40952, 40576)
      
      Inode Eviction test Tests that Innocent pods are not evicted throughout test.
      
      The current version of the inode eviction test only makes sure that the two abusive pods are evicted before the innocent pod.  This change adds a check during the post-eviction monitoring period to ensure that the innocent pod is not evicted, even after the abusive pods.
      
      This will likely result in a higher failure rate for this test, but since it is in the flaky test suite, this is not an issue.
      This change should help give us a better perspective on eviction issues.
      
      cc @Random-Liu @vishh @derekwaynecarr
      d3eac09c
    • Kubernetes Submit Queue's avatar
      Merge pull request #41969 from wojtek-t/use_protobufs_for_self_communication_in_apiserver · 1a2ec1ad
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41994, 41969, 41997, 40952, 40576)
      
      Use protobufs for self-communication
      
      @deads2k @liggitt
      1a2ec1ad
    • Kubernetes Submit Queue's avatar
      Merge pull request #41994 from spiffxp/no-ls-etcd · de421716
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue
      
      allow `hack/lib/etcd.sh` to print version mismatch error message
      
      **What this PR does / why we need it**:  `third_party/etcd` isn't guaranteed to be present, this was causing the `hack/lib/etcd.sh` script to fail on `ls` prior to printing out the error message about
      etcd version mismatch
      
      **Which issue this PR fixes**: fixes #41989
      
      **Release note**:
      ```release-note
      NONE
      ```
      de421716
    • Clayton Coleman's avatar
      generated: bazel · a5d29ac5
      Clayton Coleman authored
      a5d29ac5
    • Clayton Coleman's avatar
      bump(github.com/onsi/gingko):bb93381d543b0e5725244abe752214a110791d01 · 4e24e82b
      Clayton Coleman authored
      Adds support for extracting stdout and stderr from failed tests runs
      into junit, which makes junit more effective for debugging failures.
      4e24e82b
    • Kubernetes Submit Queue's avatar
      Merge pull request #41982 from deads2k/agg-18-ca-permissions · 45242048
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue
      
      Add namespaced role to inspect particular configmap for delegated authentication
      
      Builds on https://github.com/kubernetes/kubernetes/pull/41814 and https://github.com/kubernetes/kubernetes/pull/41922 (those are already lgtm'ed) with the ultimate goal of making an extension API server zero-config for "normal" authentication cases.
      
      This part creates a namespace role in `kube-system` that can *only* look the configmap which gives the delegated authentication check.  When a cluster-admin grants the SA running the extension API server the power to run delegated authentication checks, he should also bind this role in this namespace.
      
      @sttts Should we add a flag to aggregated API servers to indicate they want to look this up so they can crashloop on startup?  The alternative is sometimes having it and sometimes not.  I guess we could try to key on explicit "disable front-proxy" which may make more sense.
      
      @kubernetes/sig-api-machinery-misc 
      
      @ncdc I spoke to @liggitt about this before he left and he was ok in concept.  Can you take a look at the details?
      45242048
    • Kubernetes Submit Queue's avatar
      Merge pull request #41991 from dgoodwin/demote-self-hosted · 3cc14290
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41857, 41864, 40522, 41835, 41991)
      
      kubeadm: Demote --self-hosted to master config file.
      
      **What this PR does / why we need it**:
      
      kubeadm init --self-hosted was meant to be a short lived hack to enable self-hosted deployments until we're ready to make them the default. Rather than shipping this in 1.6 (for the first time) we will move this to the config file as it is presently only an advanced feature, leaving us with more well supported ways to remove it in the future.
      
      **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
      
      **Special notes for your reviewer**:
      
      CC @luxas @pires @errordeveloper @dmmcquay 
      
      **Release note**:
      
      ```release-note
      NONE
      ```
      3cc14290
    • Kubernetes Submit Queue's avatar
      Merge pull request #41835 from luxas/kubeadm_beta_label · 861f4179
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41857, 41864, 40522, 41835, 41991)
      
      kubeadm: Use a new label for marking and tainting the master node
      
      **What this PR does / why we need it**:
      
      Implements https://github.com/kubernetes/kubernetes/pull/39112 for kubeadm until that PR is merged. I want to proceed on this stuff, it has been pending for too long already.
      
      It's at least pretty safe to apply this for kubeadm now, since we're still in alpha in v1.6 implementation-wise, only the CLI will be beta.
      
      **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
      
      **Special notes for your reviewer**:
      
      **Release note**:
      
      ```release-note
      Switch to the `node-role.kubernetes.io/master` label for marking and tainting the master node in kubeadm
      ```
      cc @deads2k @liggitt @smarterclayton @jbeda @roberthbailey @mikedanese @justinsb @sttts @kubernetes/api-approvers @kubernetes/api-reviewers
      861f4179
    • Kubernetes Submit Queue's avatar
      Merge pull request #40522 from wojtek-t/use_new_conversions_in_patch · 44dcde0c
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41857, 41864, 40522, 41835, 41991)
      
      Use new conversions in patch
      
      Ref #39017
      44dcde0c
    • Kubernetes Submit Queue's avatar
      Merge pull request #41864 from marun/kubectl-drain-orphans · c4835f26
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41857, 41864, 40522, 41835, 41991)
      
      kubectl: Allow 'drain --force' to remove orphaned pods
      
      If the managing resource of a given pod (e.g. DaemonSet/ReplicaSet/etc) is deleted (effectively orphaning the pod), and ``kubectl drain --force`` is invoked on the node hosting the pod, the command would fail with an error indicating that the managing resource was not found.  This PR reduces the error to a warning if ``--force`` is specified, allowing nodes with orphaned pods to be drained.   
      
      Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1424678
      
      cc: @derekwaynecarr 
      
      ```release-note
      Allow drain --force to remove pods whose managing resource is deleted.
      ```
      c4835f26
    • Kubernetes Submit Queue's avatar
      Merge pull request #41857 from apprenda/kubeadm_update_token_separator · 1b3a9fe1
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41857, 41864, 40522, 41835, 41991)
      
      kubeadm: update token separator to '.'
      
      **What this PR does / why we need it**: From SIG meetings, it was agreed upon to have '.' be the separator for tokens. This PR updates that. 
      
      **Special notes for your reviewer**: /cc @luxas @jbeda
      
      **Release note**:
      ```release-note
      NONE
      ```
      1b3a9fe1
    • Kubernetes Submit Queue's avatar
      Merge pull request #41077 from deads2k/cli-01-cani · a1490926
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41814, 41922, 41957, 41406, 41077)
      
      add kubectl can-i to see if you can perform an action
      
      Adds `kubectl auth can-i <verb> <resource> [<name>]` so that a user can see if they are allowed to perform an action.
      
      @kubernetes/sig-cli-pr-reviews @fabianofranz 
      
      This particular command satisfies the immediate need of knowing if you can perform an action without trying that action.  When using RBAC in a script that is adding permissions, there is a lag between adding the permission and the permission being realized in the RBAC cache.  As a user on the CLI, you almost never see it, but as a script adding a binding and then using that new power, you hit it quite often.
      
      There are natural follow-ons to the same area (hence the `auth` subcommand) to figure out if someone else can perform an action, what actions you can perform in total, and who can perform a given action.  Someone else is an API we have already, what-can-i-do was a proposed API a while back and a very useful one for interfaces, and who-can is common question if someone is administering a namespace.
      a1490926
    • Kubernetes Submit Queue's avatar
      Merge pull request #41406 from jsafrane/operation-backoff · 0b54264d
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41814, 41922, 41957, 41406, 41077)
      
      pv_controller: Do not report exponential backoff as error.
      
      It's not an error when recycle/delete/provision operation cannot be started
      because it has failed recently. It will be restarted automatically when
      backoff expires.
      
      This just pollutes logs without any useful information:
      ```
      E0214 08:00:30.428073   77288 pv_controller.go:1410] error scheduling operaion "delete-pvc-1fa0e8b4-f2b5-11e6-a8bb-fa163ecb84eb[1fbd52ee-f2b5-11e6-a8bb-fa163ecb84eb]": Failed to create operation with name "delete-pvc-1fa0e8b4-f2b5-11e6-a8bb-fa163ecb84eb[1fbd52ee-f2b5-11e6-a8bb-fa163ecb84eb]". An operation with that name failed at 2017-02-14 08:00:15.631133152 -0500 EST. No retries permitted until 2017-02-14 08:00:31.631133152 -0500 EST (16s). Last error: "Cannot delete the volume \"11a4faea-bfc7-4713-88b3-dec492480dba\", it's still attached to a node".
      ```
      
      ```release-note
      NONE
      ```
      
      @kubernetes/sig-storage-pr-reviews
      0b54264d
    • Kubernetes Submit Queue's avatar
      Merge pull request #41957 from liggitt/mirror-pod-secrets · 2eef3b1a
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41814, 41922, 41957, 41406, 41077)
      
      Use consistent helper for getting secret names from pod
      
      Kubelet secret-manager and mirror-pod admission both need to know what secrets a pod spec references. Eventually, a node authorizer will also need to know the list of secrets.
      
      This creates a single (well, double, because api versions) helper that can be used to traverse the secret names referenced from a pod, optionally short-circuiting (for places that are just looking to see if any secrets are referenced, like admission, or are looking for a particular secret ref, like authorization)
      
      Fixes:
      * secret manager not handling secrets used by env/envFrom in initcontainers
      * admission allowing mirror pods with secret references
      
      @smarterclayton @wojtek-t
      2eef3b1a
    • Kubernetes Submit Queue's avatar
      Merge pull request #41922 from deads2k/rbac-05-reconcile · 92c44c9d
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue
      
      make reconcilation generic to handle roles and clusterroles
      
      We have a need to reconcile regular roles, so this pull moves the reconciliation code to use interfaces (still tightly coupled) rather than structs.
      
      @liggitt @kubernetes/sig-auth-pr-reviews
      92c44c9d
    • Kubernetes Submit Queue's avatar
      Merge pull request #41814 from deads2k/agg-06-cas · 1519422a
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue
      
      add client-ca to configmap in kube-public
      
      Client CA information is not secret and it's required for any API server trying to terminate a TLS connection.  This pull adds the information to configmaps in `kube-public` that look like this:
      
      
      ```yaml
      apiVersion: v1
      data:
        client-ca.crt: |
          -----BEGIN CERTIFICATE-----
          -----END CERTIFICATE-----
        requestheader-allowed-names: '["system:auth-proxy"]'
        requestheader-client-ca-file: |
          -----BEGIN CERTIFICATE-----
          -----END CERTIFICATE-----
        requestheader-extra-headers-prefix: '["X-Remote-Extra-"]'
        requestheader-group-headers: '["X-Remote-Group"]'
        requestheader-username-headers: '["X-Remote-User"]'
      kind: ConfigMap
      metadata:
        creationTimestamp: 2017-02-22T17:54:37Z
        name: extension-apiserver-authentication
        namespace: kube-system
        resourceVersion: "6"
        selfLink: /api/v1/namespaces/kube-system/configmaps/extension-apiserver-authentication
        uid: fa1dd328-f927-11e6-8b0e-28d2447dc82b
      
      ```
      
      @kubernetes/sig-auth-api-reviews @liggitt @kubernetes/sig-api-machinery-pr-reviews @lavalamp @sttts 
      
      
      There will need to be a corresponding pull for permissions
      1519422a
    • Kubernetes Submit Queue's avatar
      Merge pull request #41628 from humblec/glusterfs-refactor · cff3c996
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 40932, 41896, 41815, 41309, 41628)
      
      Factor new GetClusterNodes() out of CreateVolume().
      cff3c996
    • Kubernetes Submit Queue's avatar
      Merge pull request #41309 from kars7e/add-cafile-openstack · 9a218d40
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 40932, 41896, 41815, 41309, 41628)
      
      Add custom CA file to openstack cloud provider config
      
      **What this PR does / why we need it**: Adds ability to specify custom CA bundle file to verify OpenStack endpoint against. Useful in tests and PoC deployments. Similar to what https://github.com/kubernetes/kubernetes/pull/35488 did for authentication.  
      
      
      **Which issue this PR fixes**: None
      
      **Special notes for your reviewer**: Based on https://github.com/kubernetes/kubernetes/pull/35488 which added support for custom CA file for authentication.
      
      **Release note**:
      9a218d40
    • Kubernetes Submit Queue's avatar
      Merge pull request #41815 from… · 77ba346f
      Kubernetes Submit Queue authored
      Merge pull request #41815 from kevin-wangzefeng/enable-defaulttolerationseconds-admission-controller
      
      Automatic merge from submit-queue (batch tested with PRs 40932, 41896, 41815, 41309, 41628)
      
      enable DefaultTolerationSeconds admission controller by default
      
      **What this PR does / why we need it**:
      Continuation of PR #41414, enable DefaultTolerationSeconds admission controller by default.
      
      
      **Which issue this PR fixes**: 
      fixes: #41860
      related Issue: #1574, #25320
      related PRs: #34825, #41133, #41414 
      
      **Special notes for your reviewer**:
      
      **Release note**:
      
      ```release-note
      enable DefaultTolerationSeconds admission controller by default
      ```
      77ba346f
    • Kubernetes Submit Queue's avatar
      Merge pull request #41896 from kevin-wangzefeng/daemonset-infinite-default-toleration-seconds · dd29e6cd
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 40932, 41896, 41815, 41309, 41628)
      
      Make DaemonSets survive taint-based evictions when nodes turn unreachable/notReady
      
      **What this PR does / why we need it**:
      DaemonPods shouldn't be deleted by NodeController in case of Node problems.
      This PR is to add infinite tolerations for Unreachable/NotReady NoExecute Taints, so that they won't be deleted by NodeController when a node goes unreachable/notReady.
      
      **Which issue this PR fixes** :
      fixes #41738 
      Related PR: #41133
      
      
      **Special notes for your reviewer**:
      
      **Release note**:
      
      ```release-note
      Make DaemonSets survive taint-based evictions when nodes turn unreachable/notReady.
      ```
      dd29e6cd
    • Kubernetes Submit Queue's avatar
      Merge pull request #40932 from peay/cronjob-max-finished-jobs · 80e6492f
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 40932, 41896, 41815, 41309, 41628)
      
      Modify CronJob API to add job history limits, cleanup jobs in controller
      
      **What this PR does / why we need it**:
      As discussed in #34710: this adds two limits to `CronJobSpec`, to limit the number of finished jobs created by a CronJob to keep.
      
      **Which issue this PR fixes**: fixes #34710
      
      **Special notes for your reviewer**:
      
      cc @soltysh, please have a look and let me know what you think -- I'll then add end to end testing and update the doc in a separate commit. What is the timeline to get this into 1.6?
      
      The plan:
      
      - [x] API changes
        - [x] Changing versioned APIs
          - [x] `types.go`
          - [x] `defaults.go` (nothing to do)
          - [x] `conversion.go` (nothing to do?)
          - [x] `conversion_test.go` (nothing to do?)
        - [x] Changing the internal structure
          - [x] `types.go`
          - [x] `validation.go`
          - [x] `validation_test.go`
        - [x] Edit version conversions
          - [x] Edit (nothing to do?)
          - [x] Run `hack/update-codegen.sh`
        - [x] Generate protobuf objects
          - [x] Run `hack/update-generated-protobuf.sh`
        - [x] Generate json (un)marshaling code
          - [x] Run `hack/update-codecgen.sh`
        - [x] Update fuzzer
      - [x] Actual logic
      - [x] Unit tests
      - [x] End to end tests
      - [x] Documentation changes and API specs update in separate commit
      
      
      **Release note**:
      
      ```release-note
      Add configurable limits to CronJob resource to specify how many successful and failed jobs are preserved.
      ```
      80e6492f
    • Kubernetes Submit Queue's avatar
      Merge pull request #41729 from smarterclayton/refactor_printers · 5c3791b9
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 41621, 41946, 41941, 41250, 41729)
      
      Refactor printers and describers into their own package.
      
      This sets the stage for using printer code from the server side (decoupled from kubectl) and loosens the coupling between kubectl and the printers. `pkg/printers` contains interfaces and has an import restriction against pulling in API specific code, while `pkg/printers/internalversion` can be used for internal types.
      
      Add a method on `Factory` for retrieving PrinterForCommand which uses the Scheme and RESTMapper from the Factory, not the hardcoded ones.  This further separates kubectl from the core API scheme and allows better composition.
      
      Change NamePrinter to use RESTMapper (previously it was hardcoding those conversions). This means that we now return plural resource names (`pods/foo`) but is correct once aliases and shortnames start being returned by the mapper.
      
      This is a prerequisite for server side get, but is pure refactor (contains no new features).
      
      @deads2k @liggitt
      5c3791b9