Adjust kube-apiserver anchor readiness
To avoid cycling the pods in the anchor daemonset too quickly, only consider a kubernetes-apiserver-anchor pod ready if: - it created the static manifest kubernetes-apiserver.yaml - the kubernetes-apiserver pod on the same host is ready Change-Id: I53dd1c044332946eeb965f07ae828910f00b04c6
This commit is contained in:
parent
3e28b0ee2d
commit
41b3ad3dbb
@ -26,6 +26,8 @@ snapshot_files() {
|
|||||||
cp "/tmp/etc/{{ $val.file }}" "${SNAPSHOT_DIR}/etc/kubernetes/apiserver/{{ $val.file }}"
|
cp "/tmp/etc/{{ $val.file }}" "${SNAPSHOT_DIR}/etc/kubernetes/apiserver/{{ $val.file }}"
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
# annotate the static manifest with the name of the creating anchor pod
|
||||||
|
sed -i "/created-by: /s/ANCHOR_POD/${POD_NAME}/" "${SNAPSHOT_DIR}{{ .Values.anchor.kubelet.manifest_path }}/kubernetes-apiserver.yaml"
|
||||||
}
|
}
|
||||||
|
|
||||||
compare_copy_files() {
|
compare_copy_files() {
|
||||||
|
@ -69,6 +69,10 @@ spec:
|
|||||||
value: /host{{ .Values.anchor.kubelet.manifest_path }}/{{ .Values.service.name }}.yaml
|
value: /host{{ .Values.anchor.kubelet.manifest_path }}/{{ .Values.service.name }}.yaml
|
||||||
- name: PKI_PATH
|
- name: PKI_PATH
|
||||||
value: /host{{ .Values.apiserver.host_etc_path }}/pki
|
value: /host{{ .Values.apiserver.host_etc_path }}/pki
|
||||||
|
- name: POD_NAME
|
||||||
|
valueFrom:
|
||||||
|
fieldRef:
|
||||||
|
fieldPath: metadata.name
|
||||||
command: ["/bin/sh","-c"]
|
command: ["/bin/sh","-c"]
|
||||||
args: ["/tmp/bin/anchor"]
|
args: ["/tmp/bin/anchor"]
|
||||||
lifecycle:
|
lifecycle:
|
||||||
@ -83,6 +87,7 @@ spec:
|
|||||||
- /bin/bash
|
- /bin/bash
|
||||||
- -c
|
- -c
|
||||||
- |-
|
- |-
|
||||||
|
grep -q "created-by: ${POD_NAME}" "${MANIFEST_PATH}" || exit 1
|
||||||
if [ ! -f /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-both.pem ]; then
|
if [ ! -f /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-both.pem ]; then
|
||||||
cat /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-key.pem <(echo) /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver.pem > /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-both.pem
|
cat /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-key.pem <(echo) /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver.pem > /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-both.pem
|
||||||
fi
|
fi
|
||||||
|
@ -66,6 +66,7 @@ metadata:
|
|||||||
{{ tuple $envAll "kubernetes" "apiserver" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
{{ tuple $envAll "kubernetes" "apiserver" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||||
annotations:
|
annotations:
|
||||||
{{ $envAll | include "kubernetes_apiserver.key_annotation" }}
|
{{ $envAll | include "kubernetes_apiserver.key_annotation" }}
|
||||||
|
created-by: ANCHOR_POD
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||||
{{- dict "envAll" $envAll "podName" "apiserver" "containerNames" (list "apiserver") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
|
{{- dict "envAll" $envAll "podName" "apiserver" "containerNames" (list "apiserver") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
|
||||||
spec:
|
spec:
|
||||||
|
Loading…
Reference in New Issue
Block a user