Use config file to join nodes to the cluster#616
Use config file to join nodes to the cluster#616aojea wants to merge 7 commits intokubernetes-sigs:masterfrom
Conversation
|
/assign @neolit123 |
| kubeletExtraArgs: | ||
| fail-swap-on: "false" | ||
| {{ if .APIAdvertiseAddress -}} | ||
| node-ip: "{{ .APIAdvertiseAddress }}" |
There was a problem hiding this comment.
could you please explain why we need node-ip here?
There was a problem hiding this comment.
Ipv6 needs it, otherwise Kubelet picks the ipv4
There was a problem hiding this comment.
understood.
would the kubelet long term always default to an ipv4 from the default interface...or would it be able to somehow pick a ipv6?
There was a problem hiding this comment.
IIRC the logic implemented in Kubernetes always defaults to the IPv4 address ... don´t think that´s a behavior that can change soon ... will add it to my backlog, it can be something interesting to implement though
| // assume the latest API version, then fallback if the k8s version is too low | ||
| templateSource := ConfigTemplateBetaV2 | ||
| if ver.LessThan(version.MustParseSemantic("v1.12.0")) { | ||
| templateSource = ConfigTemplateAlphaV2 |
There was a problem hiding this comment.
did we drop the kind 1.11 tests already?
There was a problem hiding this comment.
Yeah, they aren't running, also 1.15 is close to be ready... No strong feelings but we should move on sooner or later :)
There was a problem hiding this comment.
We only did because one of the tests is broken and officially Kubernetes CI won't support it. We should make best effort to support feasible versions.
There was a problem hiding this comment.
I dropped the 1.11 in a separate commit, let me remove that commit and figure out the code for the v1alpha2 config files
| // JoinConfigTemplate is the kubadm join config template | ||
| const JoinConfigTemplate = `# config generated by kind | ||
| # no-op entry that exists solely so it can be patched | ||
| apiVersion: kubeadm.k8s.io/{{ .KubedamAPI }} |
There was a problem hiding this comment.
IMO, the correct way is separate constants - JoinConfigTemplate<version>.
the API is v1betav2, but still not final.
but also we already have JoinConfiguration as part of the other config templates, which is there for the sake of being patchable from kustomize. isn't it already used when nodes are joining?
There was a problem hiding this comment.
Joins are done with the command line, i took one option but I'm missing lot of context, appreciate any feedback and advice
There was a problem hiding this comment.
i think we can pass the same kubeadm.cfg to both init and join (with the multi-yaml doc; --- separated). i was under the impression we are already doing that.
There was a problem hiding this comment.
I abandoned that idea because I thought that will break the kubeadm join and it could simplify the join file creation since it needs fewer parameters, any way you're the expert here
| } | ||
|
|
||
| if err = writeKubeadmJoinConfiguration(node, joinAddress); err != nil { | ||
| return errors.Wrapf(err, "failed to generate kubeadm join configuration") |
There was a problem hiding this comment.
...the kubeadm JoinConfiguration
| // get installed kubernetes version from the node image | ||
| kubeVersion, err := node.KubeVersion() | ||
| if err != nil { | ||
| return errors.Wrap(err, "failed to get kubernetes version from node") |
|
seems join configuration for v1.12 needs a different template, it fails with |
|
it needs a token: |
| // increase verbosity for debugging | ||
| "--v=6", | ||
| "--cri-socket=/run/containerd/containerd.sock", | ||
| "--config=/kind/kubeadm-join.conf", |
There was a problem hiding this comment.
needs to be done for CP nodes too.
EDIT: for v1alpha3 joining CP nodes needs a bool
https://github.com/kubernetes/kubernetes/blob/release-1.12/cmd/kubeadm/app/apis/kubeadm/v1alpha3/types.go#L299-L302
for v1beta* it uses a pointer to an object where the endpoint is:
https://github.com/kubernetes/kubernetes/blob/release-1.14/cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go#L315-L323
| "--ignore-preflight-errors=all", | ||
| // increase verbosity for debugging | ||
| "--v=6", | ||
| "--cri-socket=/run/containerd/containerd.sock", |
There was a problem hiding this comment.
no need to pass if present in config.
| node-ip: "{{ .NodeAddress }}" | ||
| discovery: | ||
| bootstrapToken: | ||
| apiServerEndpoint: "{{ .JoinAddress }}" |
There was a problem hiding this comment.
for v1alpha3 it's different:
https://github.com/kubernetes/kubernetes/blob/release-1.12/cmd/kubeadm/app/apis/kubeadm/v1alpha3/types.go#L299-L302
(thus the recommendation to have separate constants)
for v1beta* this seems OK.
| // TODO(bentheelder): limit the set of acceptable errors | ||
| "--ignore-preflight-errors=all", | ||
| // increase verbosity for debugging | ||
| // increase verbosity for debug |
There was a problem hiding this comment.
seems I cleaned more than necessary 😓
BenTheElder
left a comment
There was a problem hiding this comment.
Please do not unnecessarily break v1.11.X support.
Also:
- there should be a single config template per version
- the config file should be generated per node but with the same mechanism
- this should correctly handle each node's Kubernetes version
|
I want to take another pass when I'm a little more awake but this looks right now and like a great improvement, thank you! |
|
failing to join workers locally with 1.11, investigating... |
|
v1.11 doesn't have kubernetes/kubernetes@9109e62 🙃 |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: aojea, BenTheElder The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
| return err | ||
| } | ||
| if len(workers) > 0 { | ||
| kubeadmClusterConfig.ControlPlane = false |
There was a problem hiding this comment.
this can cause all config templates to be controlplane=false
that's because while the function calls will get a pass by value of this struct, they copy from the same shared instance of the struct and we assign to it here
I'm fixing this in the patch to fix v1.11
|
/hold |
|
since this hadn't merged by the time I filed the follow up, I'm just including these commits in #632 😅 |
|
included in #632 thank you!! |
This avoids having to write configuration files on runtime,
however, seems that the control plane nodes can't use it