starlingx/integ
Code Issues Proposed changes
424c00985e
integ/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/Revert-kubeadm-only-apply-the-new-control-plane-labe.patch
Jim Gauld 4b77ab2b96 kubernetes: Revert kubeadm control-plane label changes for 1.24 
Upstream has deprecated 'node-role.kubernetes.io/master'
to use 'node-role.kubernetes.io/control-plane' in k8s 1.24.
To preserve backwards compatibility we need to revert back to using
the 'node-role.kubernetes.io/master' taint.

Platform and applications need to be updated to use 'control-plane'
with nodeSelector/Tolerations so we may upgrade from 'master'.

Test-plan:
PASS: kubernetes-1.24.4 package builds
PASS: AIO-SX Fresh install of ISO with k8s 1.24.4

Story: 2010301
Task: 46564

Signed-off-by: Jim Gauld <james.gauld@windriver.com>
Change-Id: I660bf2bc0bbf50cdff85b9c72477e53b176c9ed9
2022-10-13 16:20:27 -04:00

124 lines
6.2 KiB
Diff
Raw Blame History

From 0119bd093db1d72ebf4fa00c4869979da2f9e2a1 Mon Sep 17 00:00:00 2001
From: Jim Gauld <James.Gauld@windriver.com>
Date: Wed, 12 Oct 2022 14:00:33 -0400
Subject: [PATCH 4/5] Revert "kubeadm: only apply the new "control-plane" label
during init/join"
This reverts commit a3d5e5598290df09f4ffd5cf6813653a346c8f4c.
---
.../phases/markcontrolplane/markcontrolplane.go | 14 +++++++++++---
.../markcontrolplane/markcontrolplane_test.go | 9 ++++++---
cmd/kubeadm/app/util/staticpod/utils.go | 7 +++++++
3 files changed, 24 insertions(+), 6 deletions(-)
diff --git a/cmd/kubeadm/app/phases/markcontrolplane/markcontrolplane.go b/cmd/kubeadm/app/phases/markcontrolplane/markcontrolplane.go
index dd4c89eca6d..c68f80f7fd6 100644
--- a/cmd/kubeadm/app/phases/markcontrolplane/markcontrolplane.go
+++ b/cmd/kubeadm/app/phases/markcontrolplane/markcontrolplane.go
@@ -19,23 +19,31 @@ package markcontrolplane
import (
"fmt"
- v1 "k8s.io/api/core/v1"
+ "k8s.io/api/core/v1"
clientset "k8s.io/client-go/kubernetes"
"k8s.io/kubernetes/cmd/kubeadm/app/constants"
"k8s.io/kubernetes/cmd/kubeadm/app/util/apiclient"
)
-// labelsToAdd holds a list of labels that are applied on kubeadm managed control plane nodes
var labelsToAdd = []string{
+ // TODO: remove this label:
+ // https://github.com/kubernetes/kubeadm/issues/2200
+ constants.LabelNodeRoleOldControlPlane,
constants.LabelNodeRoleControlPlane,
constants.LabelExcludeFromExternalLB,
}
// MarkControlPlane taints the control-plane and sets the control-plane label
func MarkControlPlane(client clientset.Interface, controlPlaneName string, taints []v1.Taint) error {
+ // TODO: remove this "deprecated" amend and pass "labelsToAdd" directly:
+ // https://github.com/kubernetes/kubeadm/issues/2200
+ labels := make([]string, len(labelsToAdd))
+ copy(labels, labelsToAdd)
+ labels[0] = constants.LabelNodeRoleOldControlPlane + "(deprecated)"
+
fmt.Printf("[mark-control-plane] Marking the node %s as control-plane by adding the labels: %v\n",
- controlPlaneName, labelsToAdd)
+ controlPlaneName, labels)
if len(taints) > 0 {
taintStrs := []string{}
diff --git a/cmd/kubeadm/app/phases/markcontrolplane/markcontrolplane_test.go b/cmd/kubeadm/app/phases/markcontrolplane/markcontrolplane_test.go
index b171072f80a..cb9275124ab 100644
--- a/cmd/kubeadm/app/phases/markcontrolplane/markcontrolplane_test.go
+++ b/cmd/kubeadm/app/phases/markcontrolplane/markcontrolplane_test.go
@@ -49,25 +49,26 @@ func TestMarkControlPlane(t *testing.T) {
existingLabels: []string{""},
existingTaints: nil,
newTaints: []v1.Taint{kubeadmconstants.OldControlPlaneTaint},
- expectedPatch: `{"metadata":{"labels":{"node-role.kubernetes.io/control-plane":"","node.kubernetes.io/exclude-from-external-load-balancers":""}},"spec":{"taints":[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master"}]}}`,
+ expectedPatch: `{"metadata":{"labels":{"node-role.kubernetes.io/control-plane":"","node-role.kubernetes.io/master":"","node.kubernetes.io/exclude-from-external-load-balancers":""}},"spec":{"taints":[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master"}]}}`,
},
{
name: "control-plane label and taint missing but taint not wanted",
existingLabels: []string{""},
existingTaints: nil,
newTaints: nil,
- expectedPatch: `{"metadata":{"labels":{"node-role.kubernetes.io/control-plane":"","node.kubernetes.io/exclude-from-external-load-balancers":""}}}`,
+ expectedPatch: `{"metadata":{"labels":{"node-role.kubernetes.io/control-plane":"","node-role.kubernetes.io/master":"","node.kubernetes.io/exclude-from-external-load-balancers":""}}}`,
},
{
name: "control-plane label missing",
existingLabels: []string{""},
existingTaints: []v1.Taint{kubeadmconstants.OldControlPlaneTaint},
newTaints: []v1.Taint{kubeadmconstants.OldControlPlaneTaint},
- expectedPatch: `{"metadata":{"labels":{"node-role.kubernetes.io/control-plane":"","node.kubernetes.io/exclude-from-external-load-balancers":""}}}`,
+ expectedPatch: `{"metadata":{"labels":{"node-role.kubernetes.io/control-plane":"","node-role.kubernetes.io/master":"","node.kubernetes.io/exclude-from-external-load-balancers":""}}}`,
},
{
name: "control-plane taint missing",
existingLabels: []string{
+ kubeadmconstants.LabelNodeRoleOldControlPlane,
kubeadmconstants.LabelNodeRoleControlPlane,
kubeadmconstants.LabelExcludeFromExternalLB,
},
@@ -78,6 +79,7 @@ func TestMarkControlPlane(t *testing.T) {
{
name: "nothing missing",
existingLabels: []string{
+ kubeadmconstants.LabelNodeRoleOldControlPlane,
kubeadmconstants.LabelNodeRoleControlPlane,
kubeadmconstants.LabelExcludeFromExternalLB,
},
@@ -88,6 +90,7 @@ func TestMarkControlPlane(t *testing.T) {
{
name: "has taint and no new taints wanted",
existingLabels: []string{
+ kubeadmconstants.LabelNodeRoleOldControlPlane,
kubeadmconstants.LabelNodeRoleControlPlane,
kubeadmconstants.LabelExcludeFromExternalLB,
},
diff --git a/cmd/kubeadm/app/util/staticpod/utils.go b/cmd/kubeadm/app/util/staticpod/utils.go
index 75efc4f0f98..f0d8fed0d46 100644
--- a/cmd/kubeadm/app/util/staticpod/utils.go
+++ b/cmd/kubeadm/app/util/staticpod/utils.go
@@ -287,6 +287,13 @@ func createHTTPProbe(host, path string, port int, scheme v1.URIScheme, initialDe
// GetAPIServerProbeAddress returns the probe address for the API server
func GetAPIServerProbeAddress(endpoint *kubeadmapi.APIEndpoint) string {
+ // In the case of a self-hosted deployment, the initial host on which kubeadm --init is run,
+ // will generate a DaemonSet with a nodeSelector such that all nodes with the label
+ // node-role.kubernetes.io/master='' will have the API server deployed to it. Since the init
+ // is run only once on an initial host, the API advertise address will be invalid for any
+ // future hosts that do not have the same address. Furthermore, since liveness and readiness
+ // probes do not support the Downward API we cannot dynamically set the advertise address to
+ // the node's IP. The only option then is to use localhost.
if endpoint != nil && endpoint.AdvertiseAddress != "" {
return getProbeAddress(endpoint.AdvertiseAddress)
}
--
2.25.1
View Git Blame Copy Permalink