Automatic merge from submit-queue
federation: fix dns provider initialization issues
This PR is based on the integration test with Google DNS API. This is the first time of full integration test.
So multiple issues was found and I combined all of them in this single PR
1. add dns provider initialization and add ensureDns call when removing federation service.
2. add new flags federation-name and zone-name to controller manager, both are used as part of the dns record name
3. fix assertion failure at rrsets.go#L61, which will cause panic
4. change getFederationDNSZoneName to get zoneName from config instead of hard code
5. change logic of ensureDnsRrsets, only add new dns record when endpointReachable(set to true when ready address is catched) is true
6. fix bug in processEndpointUpdate, only call ensuredns when ready address is caught
7. change behavior of syncService, there is cases that endpoint is created before ingress IP assignment, so before there is defect for this case, ensureDns was not called when service being updated, so if Ingress IP is assigned after endpoint ready address is caught, the corresponding A records can not be created
8. add a checking before update federation service
@nikhiljindal , can you help to add 1.3 milestone when @quinton-hoole is on leave?
Thanks.
[]()
Automatic merge from submit-queue
Updating federation up scripts to work in non e2e setup
Ref: https://github.com/kubernetes/kubernetes.github.io/pull/656
Updating the federation up scripts so that they work as per steps in https://github.com/kubernetes/kubernetes.github.io/pull/656.
Changes are:
* Updating the default namespace to be "federation" instead of "federation-e2e"
* Updated the kubeconfig context to be named "federation-cluster" instead of "federated-context"
* Fixing federation-up so that FEDERATION_IMAGE_TAG is set even when federation-up is run without running `e2e.go --up`. e2e-up.sh sets it here: 6a388d4a0d/hack/e2e-internal/e2e-up.sh (L44).
* Adding a "missingkey=zero" option to template parser. Without this, the parser adds `"<no value>"` at the place of an env var that is not set. With this change, it instead replaces it with the corresponding zero value (for ex "" for strings). This is required for the FEDERATION_DNS_PROVIDER_CONFIG env var.
cc @kubernetes/sig-cluster-federation @colhom @mml
Automatic merge from submit-queue
federation service controller: fixing a bug so that existing services are created in newly registered clusters
A defect on federation service controller.
Steps to recreate:
1. boot federation control plane
2. create a service and then register a new cluster
Root cause:
the right sequence should be
```
servicesToUpdate = s.serviceCache.allServices()
```
then
```
s.updateAllServicesToCluster(servicesToUpdate, newCluster)
```
then
```
servicesToUpdate = s.updateDNSRecords(servicesToUpdate, newClusters)
```
Now the first two lines' sequence is on the contrary, so when updateDNSRecords return no error, the service will be removed from servicesToUpdate, and updateAllServicesToCluster get nothing to update.
This PR make the call sequence correct.
[]()
Automatic merge from submit-queue
federation: Updating federation-controller-manager to use secret to get federation-apiserver's kubeconfig
Fixing the credentials problem: https://github.com/kubernetes/kubernetes/issues/26762#issuecomment-223690990.
Admin will create a secret with the name "federation-apiserver-secret" in the k8s cluster hosting the federation control plane. This secret will contain the kubeconfig to access federation-apiserver.
federation-controller-manager will use this secret to contact the federation-apiserver.
This flow is same as the one used by all federation-controllers to contact k8s apiservers that are part of the federation.
cc @kubernetes/sig-cluster-federation @lavalamp @erictune @colhom
Automatic merge from submit-queue
federation: Update the list of supported admission controls
Ref https://github.com/kubernetes/kubernetes/pull/26298#issuecomment-221697124
In 1.3, we are going to support only AlwaysAdmit and AlwaysDeny admission controls.
Updating the documentation accordingly.
@kubernetes/sig-cluster-federation
Automatic merge from submit-queue
federation: Adding federation controller manager to federation e2es
Adding federation controller manager to federation e2es.
Havent been able to verify that this works: https://github.com/kubernetes/kubernetes/pull/25125#issuecomment-222860475
Followed the same patter as federation-apiserver and made the changes at same places, so hopefully should work :)
Automatic merge from submit-queue
Add direct serializer
Fix#25589. Implemented a direct codec that doesn't do conversion, but sets the group, version and kind before serialization as Clayton suggested [here](https://github.com/kubernetes/kubernetes/issues/25589#issuecomment-219168009).
First commit is cherry-picked from #24826.
@kubernetes/sig-api-machinery
Automatic merge from submit-queue
Add federation cluster status zone update
Hi Nikhil
Here's the cluster zone update stuff we discussed today.
What's remaining:
1. Rebase against #26308 (as soon as it merges) to expose the zones and region fields of cluster status.
2. Get hold of a cluster client via which to query nodes in the cluster. Currently we only have a DiscoveryClient, which doesn't know how to list nodes.
Any advice on the latter much appreciated. Specifically how do I get a cluster client from a discovery client?
Q
Automatic merge from submit-queue
Make UnsafeConversion fast by inlining copies
Not ready yet (need to add a copy to "safe" conversion and add mutation tests to roundtrip api/serialization_test).
Cuts another 10% off decode and encode.
