-
Notifications
You must be signed in to change notification settings - Fork 99
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump to kubernetes-v1.18.0-beta.2 #116
Bump to kubernetes-v1.18.0-beta.2 #116
Commits on Mar 12, 2020
-
go run k8s.io/publishing-bot/cmd/godeps-gen <(go list -m -json all | …
…jq 'select(.Version!="v0.0.0")') > Godeps/Godeps.json
Configuration menu - View commit details
-
Copy full SHA for 0b2a3e1 - Browse repository at this point
Copy the full SHA 0b2a3e1View commit details -
UPSTREAM: 00000: gRPC tests for encryption envelope are flaky
The tests need to be rewritten to be safe for concurrent use and for work in contended environments. Disabling the worst offenders and fixing reuse issues around the tests here. Origin-commit: b6281a54c84f20c2f0d35d6a44881e83b2e75227
Configuration menu - View commit details
-
Copy full SHA for 78736dc - Browse repository at this point
Copy the full SHA 78736dcView commit details
Commits on Mar 16, 2020
-
Configuration menu - View commit details
-
Copy full SHA for ff18876 - Browse repository at this point
Copy the full SHA ff18876View commit details -
UPSTREAM: 00000: add debugging for upgrade tests
Origin-commit: 2967069b36915643acca58da463753ba5b115759
Configuration menu - View commit details
-
Copy full SHA for cf5792d - Browse repository at this point
Copy the full SHA cf5792dView commit details -
UPSTREAM: 84466: legacy-cloud-providers/gce/gce_fake.go: NewFakeGCECl…
…oud: make sure that the secondary zone is also part of managedZones The DefaultTestClusterValues has two zones `ZoneName, ScondaryZoneName` set [1], but the FakeGCECloud would only use ZoneName as managedZone. So `TestUpdateInternalLoadBalancerNodes` that adds nodes and instancegroups in both zones fails with NotFound errors [1]: https://github.com/kubernetes/kubernetes/blob/bb052ceacb86d0603a5c2053a8c2c0c96abf83c5/staging/src/k8s.io/legacy-cloud-providers/gce/gce_fake.go#L45-L47 Origin-commit: 79d66e294a3906efd0351f125cefb4b9cc1c9ab4
Configuration menu - View commit details
-
Copy full SHA for af3b0c3 - Browse repository at this point
Copy the full SHA af3b0c3View commit details -
UPSTREAM: 84466: gce: ensureInternalInstanceGroups: reuse instance-gr…
…oups for internal load balancers Based on docs for internal loadbalancer here [1], backend services [2] and instances in instance-groups [3], following restrictions apply, - Internal LB can load balance to VMs in same region, but different subnets - Instance groups for the backend service must contain instance of the same subnet - An instance can only belong to one load balanced instance group It is probably useful use-case to have nodes for the cluster belong to more than one subnet. And the current setup fails to create an internal load balancer with nodes in multiple subnets. ``` I1023 22:05:24.070949 1 gce_loadbalancer_internal.go:478] ensureInternalInstanceGroup(k8s-ig--27083f8254ed83c2, us-west1-b): adding nodes: [jstuev-5hzjp-m-1.c.openshift-dev-installer.internal jstuev-5hzjp-w-b-54qkc.c.openshift-dev-installer.internal] E1023 22:05:25.385077 1 gce_loadbalancer.go:156] Failed to EnsureLoadBalancer(jstuev-5hzjp, openshift-ingress, router-default, a79c0f796db9e4157af2e2658433b3f6, us-west1), err: googleapi: Error 400: Resource 'projects/openshift-dev-installer/zones/us-west1-b/instances/jstuev-5hzjp-w-b-54qkc' is expected to be in the subnetwork 'projects/openshift-dev-installer/regions/us-west1/subnetworks/jstubyo-master-subnet' but is in the subnetwork 'projects/openshift-dev-installer/regions/us-west1/subnetworks/jstubyo-worker-subnet'., wrongSubnetwork ``` Also the use-case that some of these nodes (machines) might be part of some internal load balancer that is not managed by k8s is also pretty valid. for example, you might have the machines hosting the control-plane (kube-apiserver) want to be part of a separate ILB that provides access to the apiserver through LB not managed by the k8s Service type Load Balancer. But the current setup fails to create an interal load balancer like ``` r: failed to ensure load balancer: googleapi: Error 400: INSTANCE_IN_MULTIPLE_LOAD_BALANCED_IGS - Validation failed for instance 'projects/openshift-dev-installer/zones/us-west1-a/instances/jstuev-t285j-m-0': instance may belong to at most one load-balanced instance group. ``` So the subnet limitation should be automatically handled by the k8s cloud provider, but for now allowing users to create the IGs for instances that require this special setup should definietly help, and k8s cloud provider can just use those as-is, while maintaining the membership and lifecycle for ones created by it. This change finds pre-existing instance-groups that ONLY contain instances that belong to the cluster, uses them for the backend service. And only ensures instance-groups for remaining ones. [1]: https://cloud.google.com/compute/docs/instance-groups/creating-groups-of-unmanaged-instances#addinstances [2]: https://cloud.google.com/load-balancing/docs/backend-service#restrictions_and_guidance [3]: https://cloud.google.com/compute/docs/instance-groups/creating-groups-of-unmanaged-instances#addinstances Origin-commit: cfb25370a7c8f9bed9688cb334b4bc1c3342da0d
Configuration menu - View commit details
-
Copy full SHA for 4ef4225 - Browse repository at this point
Copy the full SHA 4ef4225View commit details -
UPSTREAM: 84568: test/e2e/apps: Skip or scale LB test per node count
Skip the "Deployment should not disrupt a cloud load-balancer's connectivity during rollout" test if the number of nodes is less than 2; otherwise, set the deployment's replicas equal to the lesser of 5 and the number of nodes. The test would fail if there were fewer nodes than replicas, but the test needs at least 2 nodes, and the likelihood of failure absent the feature under test increases with the number of replicas, so it is desirable to set replicas to a higher value, within reason. Follow-up to commit 980b640. * vendor/k8s.io/kubernetes/test/e2e/apps/deployment.go: Skip the load-balancer connectivity test unless there are at least 2 nodes. (testRollingUpdateDeploymentWithLocalTrafficLoadBalancer): Set replicas to the min of 5 and the number of nodes. Origin-commit: 3f09c3e5cd2f0a52e7549b376aefbb62b308dc7b
Configuration menu - View commit details
-
Copy full SHA for 8713894 - Browse repository at this point
Copy the full SHA 8713894View commit details -
UPSTREAM: 84466: gce: add ExternalInstanceGroupsPrefix to filter inst…
…ance groups that will be re-used for ILB backend Setting the prefix would allow cluster to only consider instance groups in the zone that are prefixed, reducing the number of candidates. If the prefix is empty, no external instance groups will be used to keep backward compatibility in terms of API calls. Origin-commit: e29c0b6ce3c068e02419a7b3cbc381b919981f50
Configuration menu - View commit details
-
Copy full SHA for 7487d0e - Browse repository at this point
Copy the full SHA 7487d0eView commit details -
UPSTREAM: 84466: gce: skip ensureInstanceGroup for a zone that has no…
… remaining nodes for k8s managed IG Make sure we don't ensure cluster-managed instance group for a zone that has no more nodes left. Creating am IG for a zone that has no instances causes errors when attaching to backend service. ``` failed to ensure load balancer: googleapi: Error 400: Invalid value for field 'resource.backends[5].group': 'https://www.googleapis.com/compute/v1/projects/openshift-qe/zones/us-central1-c/instanceGroups/k8s-ig--8d8682bc12c7a717'. Instance group must have a network to be attached to a backend service. Add an instance to give the instance group a network., invalid ``` Origin-commit: 3915cef99ee4eedc9755d454abb7e4efa2a63bff
Configuration menu - View commit details
-
Copy full SHA for 2cb382d - Browse repository at this point
Copy the full SHA 2cb382dView commit details -
Configuration menu - View commit details
-
Copy full SHA for bc8307a - Browse repository at this point
Copy the full SHA bc8307aView commit details
Commits on Mar 17, 2020
-
Configuration menu - View commit details
-
Copy full SHA for 647e357 - Browse repository at this point
Copy the full SHA 647e357View commit details -
Configuration menu - View commit details
-
Copy full SHA for 30c0b3f - Browse repository at this point
Copy the full SHA 30c0b3fView commit details -
UPSTREAM: <carry>: filter out CustomResourceQuota paths from OpenAPI
Origin-commit: b992ee2fcb5cd610e9242c3165908b6bc6e423f5 UPSTREAM: <carry>: filter out RBR and SCC paths from OpenAPI Origin-commit: 5ce9a77a641ec9d0399226af572e429317d3daf6 UPSTREAM: <carry>: filter out RBR and SCC paths from OpenAPI Origin-commit: 0ee08c7a5e138e8df2bd7d010e9ab59a6543cf63
Configuration menu - View commit details
-
Copy full SHA for 9c05123 - Browse repository at this point
Copy the full SHA 9c05123View commit details -
UPSTREAM: <carry>: patch aggregator to allow delegating resources
Origin-commit: 14ba1f8ece9a7bb00ececb2a35b5f8f5fbeacc83 UPSTREAM: <carry>: prevent apiservice registration by CRD controller when delegating Origin-commit: 3d216eab7adcbd8596606d72d31b6af621bfd350 UPSTREAM: <carry>: prevent CRD registration from fighting with APIServices Origin-commit: c1c87eeade4730a2271cb98b4c6ea16af07e3e68 UPSTREAM: <carry>: always delegate namespaced resources Origin-commit: 7f0815b5a88d57046a92fbdbc493bab2ad28a79c
Configuration menu - View commit details
-
Copy full SHA for e513c45 - Browse repository at this point
Copy the full SHA e513c45View commit details -
UPSTREAM: <carry>: remove apiservice from sync in CRD registration wh…
…en it exists Origin-commit: d3ceac4e065c3d2689192fda102303030cfdb928
Configuration menu - View commit details
-
Copy full SHA for dec1bc1 - Browse repository at this point
Copy the full SHA dec1bc1View commit details -
UPSTREAM: <carry>: create termination events
Origin-commit: a869af0c97e3d97bddedcd76af8a62da6c879c02
Configuration menu - View commit details
-
Copy full SHA for 024d542 - Browse repository at this point
Copy the full SHA 024d542View commit details -
UPSTREAM: <carry>: hardcoded restmapper with a few entries to reboots…
…trap SDN when SDN is down Origin-commit: 36c5e7d672bf82bd09ee382564bc03ef8e1b3a76
Configuration menu - View commit details
-
Copy full SHA for 0fe37e9 - Browse repository at this point
Copy the full SHA 0fe37e9View commit details -
UPSTREAM: <carry>: kubelet: Expose a simple journald shim on the kube…
…let logs endpoint Provide an administrator a streaming view of journal logs without them having to implement a client side reader. Only available to cluster admins.
Configuration menu - View commit details
-
Copy full SHA for 1f702cf - Browse repository at this point
Copy the full SHA 1f702cfView commit details -
UPSTREAM: <carry>: kubelet: XFS quota for emptyDir volumes
Origin-commit: 7331c6412a9ef1b23155d7fd928f4ddc6961a05b
Configuration menu - View commit details
-
Copy full SHA for 26974c1 - Browse repository at this point
Copy the full SHA 26974c1View commit details -
UPSTREAM: <carry>: kube-controller-manager: add service serving cert …
…signer to token controller :100644 100644 b32534e... 3e694fc... M pkg/controller/serviceaccount/tokens_controller.go
Configuration menu - View commit details
-
Copy full SHA for 6e0db2e - Browse repository at this point
Copy the full SHA 6e0db2eView commit details -
UPSTREAM: <carry>: kube-controller-manager: allow running bare kube-c…
…ontroller-manager
Configuration menu - View commit details
-
Copy full SHA for 9d95f78 - Browse repository at this point
Copy the full SHA 9d95f78View commit details -
Configuration menu - View commit details
-
Copy full SHA for a9b7094 - Browse repository at this point
Copy the full SHA a9b7094View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7b80c95 - Browse repository at this point
Copy the full SHA 7b80c95View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2d4d6bc - Browse repository at this point
Copy the full SHA 2d4d6bcView commit details -
UPSTREAM: <carry>: kube-apiserver: add our immortal namespaces direct…
…ly to admission plugin
Configuration menu - View commit details
-
Copy full SHA for 3531b48 - Browse repository at this point
Copy the full SHA 3531b48View commit details -
UPSTREAM: <carry>: kube-apiserver: allow injection of kube-apiserver …
…options Origin-commit: 33a71aff9bb4e204bf2e15af4cdfb5bd0525ce4e
Configuration menu - View commit details
-
Copy full SHA for acea896 - Browse repository at this point
Copy the full SHA acea896View commit details -
UPSTREAM: <carry>: kube-apiserver: priorize some CRD groups over others
Origin-commit: 10c14ca7ae63428823e58790c16078d8094e4b95
Configuration menu - View commit details
-
Copy full SHA for 5afd67b - Browse repository at this point
Copy the full SHA 5afd67bView commit details -
UPSTREAM: <carry>: storage: Disable ephemeral storage in tests
The feature gate is not yet enabled and may not be for several releases. Pod team owns allowing this to be used.
Configuration menu - View commit details
-
Copy full SHA for f6d8dd0 - Browse repository at this point
Copy the full SHA f6d8dd0View commit details -
UPSTREAM: <carry>: fix openapi violation file
Upstream does not verify the apiextensions-apiserver openapi output. We do. Origin-commit: c59fcc99d1897eda3f16e0cf7a911e6913644b6d
Configuration menu - View commit details
-
Copy full SHA for 1232237 - Browse repository at this point
Copy the full SHA 1232237View commit details -
UPSTREAM: <carry>: Always test PDB's during service upgrade test
The upstream can't enable this, but we need to do so in order to properly validate that cluster upgrades retain availability. Origin-commit: 917e8cb064643370573808e9aba8dbec5df456ff
Configuration menu - View commit details
-
Copy full SHA for 11780ab - Browse repository at this point
Copy the full SHA 11780abView commit details -
deads: UPSTREAM: <carry>: force dumping events on upgrade failure
Origin-commit: 9d5ba9e3f0436231f4eaab665bad2f9906ba746f
Configuration menu - View commit details
-
Copy full SHA for c8df2fc - Browse repository at this point
Copy the full SHA c8df2fcView commit details -
Configuration menu - View commit details
-
Copy full SHA for ecfe5a4 - Browse repository at this point
Copy the full SHA ecfe5a4View commit details -
Configuration menu - View commit details
-
Copy full SHA for a702c90 - Browse repository at this point
Copy the full SHA a702c90View commit details -
UPSTREAM: <carry>: bootstrap-rbac-policy: move over .well-known rules
Origin-commit: 45f159f05b92c893c175ffe968f89a34f5581f5b
Configuration menu - View commit details
-
Copy full SHA for 9460cd1 - Browse repository at this point
Copy the full SHA 9460cd1View commit details -
UPSTREAM: <carry>: Read availability zone name from metadata
Instead of making a request to Cinder we can read availability zone name from metadata. Origin-commit: ae11a2930f11948c5539612ca9177c1567d67207
Configuration menu - View commit details
-
Copy full SHA for 926db9f - Browse repository at this point
Copy the full SHA 926db9fView commit details -
UPSTREAM: <carry>: disable file locking for kubeconfig because it bre…
…aks tests Origin-commit: 020fcb4398633c83a8877c0c17053e80d400c6b2
Configuration menu - View commit details
-
Copy full SHA for 9340ee3 - Browse repository at this point
Copy the full SHA 9340ee3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 864374c - Browse repository at this point
Copy the full SHA 864374cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 0e2485c - Browse repository at this point
Copy the full SHA 0e2485cView commit details -
UPSTREAM: <carry>: Change timeout in eviction e2e test to account for…
… new kubelet delay in pod deletion
Configuration menu - View commit details
-
Copy full SHA for ede42da - Browse repository at this point
Copy the full SHA ede42daView commit details -
UPSTREAM: <carry>: add pod logs dump to e2e
Origin-commit: a1d5a1201d5fb4616187cd009f126f5fe7fa0787
Configuration menu - View commit details
-
Copy full SHA for e0649ad - Browse repository at this point
Copy the full SHA e0649adView commit details -
UPSTREAM: <carry>: disable AES24, not supported by FIPS
Origin-commit: beac12d815b4099cfd4f4d953da4b8789054be51
Configuration menu - View commit details
-
Copy full SHA for 024c459 - Browse repository at this point
Copy the full SHA 024c459View commit details -
UPSTREAM: <carry>: add crdvalidation for apiserver.spec.tlsSecurityPr…
…ofile Origin-commit: 84ba7fc304870a30df7136da14bccb4d5232f075
Configuration menu - View commit details
-
Copy full SHA for 939c5b0 - Browse repository at this point
Copy the full SHA 939c5b0View commit details -
UPSTREAM: <carry>: bump nodes ready timeout
Origin-commit: 4498bb4de03ff3a910fed10bed337ba2fcdf321d
Configuration menu - View commit details
-
Copy full SHA for db09207 - Browse repository at this point
Copy the full SHA db09207View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7e2d022 - Browse repository at this point
Copy the full SHA 7e2d022View commit details -
Configuration menu - View commit details
-
Copy full SHA for 55e6224 - Browse repository at this point
Copy the full SHA 55e6224View commit details -
UPSTREAM: <carry>: ignore StorageState and StorageVersionMigration wh…
…en checking custom columns (kubectl)
Configuration menu - View commit details
-
Copy full SHA for 104ef4d - Browse repository at this point
Copy the full SHA 104ef4dView commit details -
UPSTREAM: <carry>: Remove a redundant output in the tests
This line is not necessary for our test usage and should not be an issue in OpenShift (openshift-tests already verifies this correctly).
Configuration menu - View commit details
-
Copy full SHA for 1dee612 - Browse repository at this point
Copy the full SHA 1dee612View commit details -
UPSTREAM: <carry>: conditionally fill the UserAgent from the currentl…
…y running test OpenShift uses these function before any test is run and they cause NPE
Configuration menu - View commit details
-
Copy full SHA for 7be7d97 - Browse repository at this point
Copy the full SHA 7be7d97View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7e69da6 - Browse repository at this point
Copy the full SHA 7e69da6View commit details -
UPSTREAM: <drop>: skip PSP test that is inconsistently being skipped
Origin-commit: 131dbb4770bb3bed0c07d2a6ca0cbe4cba2556bb
Configuration menu - View commit details
-
Copy full SHA for ce722e4 - Browse repository at this point
Copy the full SHA ce722e4View commit details -
UPSTREAM: <carry>: Remove excessive logging during e2e upgrade test
This line makes the upgrade log output unreadable and provides no value during the set of tests it's used in: ``` Jan 12 20:49:25.628: INFO: cluster upgrade is Progressing: Working towards registry.svc.ci.openshift.org/ci-op-jbtg7jjb/release@sha256:144e73d125cce620bdf099be9a85225ade489a95622a70075d264ea3ff79219c: downloading update Jan 12 20:49:26.692: INFO: Poke("http://a74e3476115ce4d2d817a1e5ea608dad-802917831.us-east-1.elb.amazonaws.com:80/echo?msg=hello"): success Jan 12 20:49:28.727: INFO: Poke("http://a74e3476115ce4d2d817a1e5ea608dad-802917831.us-east-1.elb.amazonaws.com:80/echo?msg=hello"): success ``` Origin-commit: 1cdf04c0e15b79fad3e3a6ba896ed2bb3df42b78
Configuration menu - View commit details
-
Copy full SHA for 3d9b388 - Browse repository at this point
Copy the full SHA 3d9b388View commit details -
UPSTREAM: <carry>: simplify the authorizer patch to allow the flags t…
…o function Origin-commit: 0d7fb2d769d631054ec9ac0721aee623c96c1001
Configuration menu - View commit details
-
Copy full SHA for 292065c - Browse repository at this point
Copy the full SHA 292065cView commit details -
UPSTREAM: 88120: add dynamic certificate reloading for kube aggregator
Origin-commit: cb0b340d0e68c9524fa7fd6277f571b6aa68bf86
Configuration menu - View commit details
-
Copy full SHA for dfc1148 - Browse repository at this point
Copy the full SHA dfc1148View commit details -
Configuration menu - View commit details
-
Copy full SHA for b916adf - Browse repository at this point
Copy the full SHA b916adfView commit details -
UPSTREAM: <carry>: Extend default unit test timeout to 180s
The following packages have tests that exceed the default 120s timeout: k8s.io/kubernetes/pkg/kubelet/volumemanager/reconciler - The tests in this package collectively take longer than 120s. k8s.io/kubernetes/pkg/volume/csi - One of the unit tests has to wait 2 minutes for a timeout to validate its failure condition.
Configuration menu - View commit details
-
Copy full SHA for 145a91a - Browse repository at this point
Copy the full SHA 145a91aView commit details -
Configuration menu - View commit details
-
Copy full SHA for b9a8387 - Browse repository at this point
Copy the full SHA b9a8387View commit details -
Configuration menu - View commit details
-
Copy full SHA for 1b8882c - Browse repository at this point
Copy the full SHA 1b8882cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 5fd5429 - Browse repository at this point
Copy the full SHA 5fd5429View commit details -
Configuration menu - View commit details
-
Copy full SHA for a58ecee - Browse repository at this point
Copy the full SHA a58eceeView commit details -
Configuration menu - View commit details
-
Copy full SHA for 2dceee3 - Browse repository at this point
Copy the full SHA 2dceee3View commit details