-
Notifications
You must be signed in to change notification settings - Fork 40k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
kubeadm: set pod-infra-container-image for the kubelet #70603
kubeadm: set pod-infra-container-image for the kubelet #70603
Conversation
/priority critical-urgent (copying prio from bug kubernetes/kubeadm#1003) |
/cc @kubernetes/sig-cluster-lifecycle-pr-reviews @mruepp |
@chuckha: GitHub didn't allow me to request PR reviews from the following users: mruepp. Note that only kubernetes members and repo collaborators can review this PR, and authors cannot review their own PRs. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
docker images after an init:
docker images after a join:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@chuckha thank you fixing this.
added a couple of comments about possible small changes.
@@ -250,6 +250,9 @@ const ( | |||
// PauseVersion indicates the default pause image version for kubeadm | |||
PauseVersion = "3.1" | |||
|
|||
// DefaultPauseImageVersion indicates the default version for the pause image | |||
DefaultPauseImageVersion = "3.1" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
seems to be duplicate of the above PauseVersion constant.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lol yes, it does 🤦♂️
cfg: &kubeadmapi.ClusterConfiguration{ | ||
ImageRepository: "test.repo", | ||
}, | ||
expected: "test.repo/pause:" + constants.DefaultPauseImageVersion, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
probably should be PauseVersion. same as GetPauseImage().
@@ -93,7 +91,7 @@ func getInitConfigurationFromCluster(kubeconfigDir string, client clientset.Inte | |||
// Also, the config map really should be KubeadmConfigConfigMap... | |||
configMap, err := client.CoreV1().ConfigMaps(metav1.NamespaceSystem).Get(constants.KubeadmConfigConfigMap, metav1.GetOptions{}) | |||
if err != nil { | |||
return nil, err | |||
return nil, errors.Wrap(err, "failed to get config map") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these Wrap calls are possibly outside of the scope of the PR?
but SGTM still.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh yeah, I added these because when I wanted them when I was debugging. not strictly necessary, but imo an improvement
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will never complain about this...
@@ -96,7 +97,8 @@ func runKubeletStart(c workflow.RunData) error { | |||
// Write env file with flags for the kubelet to use. We do not need to write the --register-with-taints for the master, | |||
// as we handle that ourselves in the markmaster phase | |||
// TODO: Maybe we want to do that some time in the future, in order to remove some logic from the markmaster phase? | |||
if err := kubeletphase.WriteKubeletDynamicEnvFile(&data.Cfg().NodeRegistration, data.Cfg().FeatureGates, false, data.KubeletDir()); err != nil { | |||
pauseImage := images.GetPauseImage(data.Cfg().ClusterConfiguration.ImageRepository) | |||
if err := kubeletphase.WriteKubeletDynamicEnvFile(&data.Cfg().NodeRegistration, data.Cfg().FeatureGates, pauseImage, false, data.KubeletDir()); err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
something that @rosti suggested in the original PR was that we should pass ClusterConfiguration instead of feature gates and pause image to WriteKubeletDynamicEnvFile:
https://github.com/kubernetes/kubernetes/pull/66798/files#r206508620
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In fact, we can replace the first three parameters with InitConfiguration
here and move the GetPauseImage
call to WriteKubeletDynamicEnvFile
. This will have the benefit of tidying up the code and removing duplicate logic between here and postupgrade.go
@@ -56,6 +57,7 @@ func WriteKubeletDynamicEnvFile(nodeRegOpts *kubeadmapi.NodeRegistrationOptions, | |||
flagOpts := kubeletFlagsOpts{ | |||
nodeRegOpts: nodeRegOpts, | |||
featureGates: featureGates, | |||
pauseImage: pauseImage, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i guess we can keep featureGates and pauseImage as part of kubeletFlagsOpts, but obtain them from a ClusterConfiguration argument.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall looks OK. A few errors.Wrap
and some empty lines removed from imports look like not belonging to this change.
cmd/kubeadm/app/cmd/join.go
Outdated
@@ -532,11 +533,20 @@ func (j *Join) BootstrapKubelet(tlsBootstrapCfg *clientcmdapi.Config) error { | |||
return err | |||
} | |||
|
|||
imageRegistry := kubeadmapiv1beta1.DefaultImageRepository |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I know that "registry" is a more accurate term here, but I think, that we should be consistent with the reset of kubeadm and use the term "repository" here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hah, ok, that's reasonable, I will continue down the repository road
cmd/kubeadm/app/images/images.go
Outdated
@@ -53,16 +53,19 @@ func GetEtcdImage(cfg *kubeadmapi.ClusterConfiguration) string { | |||
return GetGenericImage(cfg.ImageRepository, constants.Etcd, etcdImageTag) | |||
} | |||
|
|||
// GetPauseImage returns the image for the "pause" container | |||
func GetPauseImage(registry string) string { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My vision for the funcs in the images files is for them to take ClusterConfiguration
and then figure out from there how to generate the image string. This way we can keep future changes to the way we generate the images to this file only.
I know, that this will look like an overkill for GetPauseImage
, but I think, that this may have benefits in the future and will keep things consistent with the rest of the bunch here.
@@ -96,7 +97,8 @@ func runKubeletStart(c workflow.RunData) error { | |||
// Write env file with flags for the kubelet to use. We do not need to write the --register-with-taints for the master, | |||
// as we handle that ourselves in the markmaster phase | |||
// TODO: Maybe we want to do that some time in the future, in order to remove some logic from the markmaster phase? | |||
if err := kubeletphase.WriteKubeletDynamicEnvFile(&data.Cfg().NodeRegistration, data.Cfg().FeatureGates, false, data.KubeletDir()); err != nil { | |||
pauseImage := images.GetPauseImage(data.Cfg().ClusterConfiguration.ImageRepository) | |||
if err := kubeletphase.WriteKubeletDynamicEnvFile(&data.Cfg().NodeRegistration, data.Cfg().FeatureGates, pauseImage, false, data.KubeletDir()); err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In fact, we can replace the first three parameters with InitConfiguration
here and move the GetPauseImage
call to WriteKubeletDynamicEnvFile
. This will have the benefit of tidying up the code and removing duplicate logic between here and postupgrade.go
2900bb5
to
36f65e3
Compare
I'm not sure why github is still showing me the outdated comments but I think this is ready for another review @rosti @neolit123. |
images_test needs an update. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks for the update @chuckha
LGTM added one minor comment to fix CI.
} | ||
for _, tc := range testcases { | ||
t.Run(tc.name, func(t *testing.T) { | ||
actual := GetPauseImage(tc.cfg.ImageRepository) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
tc.cfg
36f65e3
to
570457c
Compare
/retest |
/assign @timothysc |
570457c
to
650714d
Compare
/test pull-kubernetes-integration |
1 similar comment
/test pull-kubernetes-integration |
/retest |
/test pull-kubernetes-e2e-kops-aws |
650714d
to
8a5d21b
Compare
The kubelet allows you to set `--pod-infra-container-image` (also called `PodSandboxImage` in the kubelet config), which can be a custom location to the "pause" image in the case of Docker. Other CRIs are not supported. Set the CLI flag for the Docker case in flags.go using WriteKubeletDynamicEnvFile().
8a5d21b
to
9a37f2d
Compare
/retest |
1 similar comment
/retest |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice work!
/lgtm
/approve
@@ -93,7 +91,7 @@ func getInitConfigurationFromCluster(kubeconfigDir string, client clientset.Inte | |||
// Also, the config map really should be KubeadmConfigConfigMap... | |||
configMap, err := client.CoreV1().ConfigMaps(metav1.NamespaceSystem).Get(constants.KubeadmConfigConfigMap, metav1.GetOptions{}) | |||
if err != nil { | |||
return nil, err | |||
return nil, errors.Wrap(err, "failed to get config map") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will never complain about this...
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: chuckha, timothysc The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@chuckha I would revise the release notes to denote the behavior on the kubelet as well. |
@timothysc updated |
not support contained CRI? |
Currently, this option is only for Docker. If you use any other CRI you have to check with its documentation and pass an equivalent option manually. |
The kubelet allows you to set
--pod-infra-container-image
(also called
PodSandboxImage
in the kubelet config),which can be a custom location to the "pause" image in the case
of Docker. Other CRIs are not supported.
Set the CLI flag for the Docker case in flags.go using
WriteKubeletDynamicEnvFile().
This PR also cleans up some unwrapped errors.
What type of PR is this?
What this PR does / why we need it:
This PR properly allows image repository to be passed to the kubelet for the sandbox image.
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close the issue(s) when PR gets merged):Fixes kubernetes/kubeadm#1003
Special notes for your reviewer:
Does this PR introduce a user-facing change?: