Merge pull request #6547 from tstromberg/apiserver-extra-opts
kubeadm template: Combine apiserver certSANs with extraArgs
tstromberg authored Feb 7, 2020
2 parents 07c5f6b + 7ff41cf commit 82326fe
Showing 60 changed files with 99 additions and 136 deletions.
33 changes: 23 additions & 10 deletions pkg/minikube/bootstrapper/bsutil/extraconfig.go
Expand Up @@ -33,10 +33,11 @@ const (
KubeadmConfigParam = iota
)

// componentExtraArgs holds extra args for a component
type componentExtraArgs struct {
// componentOptions holds extra args for a component
type componentOptions struct {
Component string
Options map[string]string
ExtraArgs map[string]string
Pairs map[string]string
}

// mapping of component to the section name in kubeadm.
Expand Down Expand Up @@ -122,9 +123,9 @@ func defaultOptionsForComponentAndVersion(component string, version semver.Versi
return versionedOpts, nil
}

// newComponentExtraArgs creates a new ComponentExtraArgs
func newComponentExtraArgs(opts config.ExtraOptionSlice, version semver.Version, featureGates string) ([]componentExtraArgs, error) {
var kubeadmExtraArgs []componentExtraArgs
// newComponentOptions creates a new componentOptions
func newComponentOptions(opts config.ExtraOptionSlice, version semver.Version, featureGates string, cp config.Node) ([]componentOptions, error) {
var kubeadmExtraArgs []componentOptions
for _, extraOpt := range opts {
if _, ok := componentToKubeadmConfigKey[extraOpt.Component]; !ok {
return nil, fmt.Errorf("unknown component %q. valid components are: %v", componentToKubeadmConfigKey, componentToKubeadmConfigKey)
Expand All @@ -150,19 +151,31 @@ func newComponentExtraArgs(opts config.ExtraOptionSlice, version semver.Version,
extraConfig["feature-gates"] = featureGates
}
if len(extraConfig) > 0 {
kubeadmExtraArgs = append(kubeadmExtraArgs, componentExtraArgs{
kubeadmExtraArgs = append(kubeadmExtraArgs, componentOptions{
Component: kubeadmComponentKey,
Options: extraConfig,
ExtraArgs: extraConfig,
Pairs: optionPairsForComponent(component, version, cp),
})
}
}

return kubeadmExtraArgs, nil
}

// optionPairsForComponent generates a map of value pairs for a k8s component
func optionPairsForComponent(component string, version semver.Version, cp config.Node) map[string]string {
// For the ktmpl.V1Beta1 users
if component == Apiserver && version.GTE(semver.MustParse("1.14.0-alpha.0")) {
return map[string]string{
"certSANs": fmt.Sprintf(`["127.0.0.1", "localhost", "%s"]`, cp.IP),
}
}
return nil
}

// createExtraComponentConfig generates a map of component to extra args for all of the components except kubeadm
func createExtraComponentConfig(extraOptions config.ExtraOptionSlice, version semver.Version, componentFeatureArgs string) ([]componentExtraArgs, error) {
extraArgsSlice, err := newComponentExtraArgs(extraOptions, version, componentFeatureArgs)
func createExtraComponentConfig(extraOptions config.ExtraOptionSlice, version semver.Version, componentFeatureArgs string, cp config.Node) ([]componentOptions, error) {
extraArgsSlice, err := newComponentOptions(extraOptions, version, componentFeatureArgs, cp)
if err != nil {
return nil, err
}
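Review bot: In newComponentOptions the apiserver `Pairs` (and therefore `certSANs`) are attached only inside `if len(extraConfig) > 0`, while this same commit removes the unconditional `apiServer: certSANs` stanza from the v1beta1 and v1beta2 templates. If the apiserver ever ends up with an empty extraConfig, the generated kubeadm config would carry no SAN for the node IP, and clients that verify the API server certificate against that address would fail. The lines that populate extraConfig are outside the visible hunk, so defaults may always make it non-empty, but that dependency is implicit. Computing the pairs first and guarding on both makes it explicit: `pairs := optionPairsForComponent(component, version, cp)` followed by `if len(extraConfig) > 0 || len(pairs) > 0 {`. The comment `// For the ktmpl.V1Beta1 users` should also mention V1Beta2, whose template reads `.Pairs` as well.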
2 changes: 1 addition & 1 deletion pkg/minikube/bootstrapper/bsutil/ktmpl/v1alpha1.go
Expand Up @@ -38,7 +38,7 @@ nodeName: {{.NodeName}}
apiServerCertSANs: ["127.0.0.1", "localhost", "{{.AdvertiseAddress}}"]
{{if .ImageRepository}}imageRepository: {{.ImageRepository}}
{{end}}{{if .CRISocket}}criSocket: {{.CRISocket}}
{{end}}{{range .ExtraArgs}}{{.Component}}ExtraArgs:{{range $i, $val := printMapInOrder .Options ": " }}
{{end}}{{range .ComponentOptions}}{{.Component}}ExtraArgs:{{range $i, $val := printMapInOrder .ExtraArgs ": " }}
{{$val}}{{end}}
{{end}}{{if .FeatureArgs}}featureGates: {{range $i, $val := .FeatureArgs}}
{{$i}}: {{$val}}{{end}}
2 changes: 1 addition & 1 deletion pkg/minikube/bootstrapper/bsutil/ktmpl/v1alpha3.go
Expand Up @@ -41,7 +41,7 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1alpha3
kind: ClusterConfiguration
{{if .ImageRepository}}imageRepository: {{.ImageRepository}}
{{end}}{{range .ExtraArgs}}{{.Component}}ExtraArgs:{{range $i, $val := printMapInOrder .Options ": " }}
{{end}}{{range .ComponentOptions}}{{.Component}}ExtraArgs:{{range $i, $val := printMapInOrder .ExtraArgs ": " }}
{{$val}}{{end}}
{{end -}}
{{if .FeatureArgs}}featureGates: {{range $i, $val := .FeatureArgs}}
9 changes: 5 additions & 4 deletions pkg/minikube/bootstrapper/bsutil/ktmpl/v1beta1.go
Expand Up @@ -41,9 +41,12 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
{{ if .ImageRepository}}imageRepository: {{.ImageRepository}}
{{end}}{{range .ExtraArgs}}{{.Component}}:
{{end}}{{range .ComponentOptions}}{{.Component}}:
{{- range $k, $v := .Pairs }}
{{$k}}: {{$v}}
{{- end}}
extraArgs:
{{- range $i, $val := printMapInOrder .Options ": " }}
{{- range $i, $val := printMapInOrder .ExtraArgs ": " }}
{{$val}}
{{- end}}
{{end -}}
Expand All @@ -52,8 +55,6 @@ kind: ClusterConfiguration
{{end -}}{{end -}}
certificatesDir: {{.CertDir}}
clusterName: {{.ClusterName}}
apiServer:
certSANs: ["127.0.0.1", "localhost", "{{.AdvertiseAddress}}"]
controlPlaneEndpoint: localhost:{{.APIServerPort}}
dns:
type: CoreDNS
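Review bot: `{{$k}}: {{$v}}` writes every Pairs value into the kubeadm YAML verbatim (assuming these are text/template templates, nothing is escaped), so each value must already be valid YAML when it reaches the template. The only producer visible in this commit builds the certSANs list with `fmt.Sprintf` around `cp.IP`, so an empty or malformed address would yield an empty SAN or a broken document rather than an error. The removed stanza interpolated `.AdvertiseAddress` the same way, so this is not new exposure, but the generic map extends the pattern to any key. I would document the contract on the field, e.g. `// Pairs holds top-level keys for the component section; values are rendered unquoted and must be pre-serialized YAML`, and reject an address for which `net.ParseIP(cp.IP) == nil` before formatting. The identical hunk in ktmpl/v1beta2.go has the same issue.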
9 changes: 5 additions & 4 deletions pkg/minikube/bootstrapper/bsutil/ktmpl/v1beta2.go
Expand Up @@ -41,9 +41,12 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
{{ if .ImageRepository}}imageRepository: {{.ImageRepository}}
{{end}}{{range .ExtraArgs}}{{.Component}}:
{{end}}{{range .ComponentOptions}}{{.Component}}:
{{- range $k, $v := .Pairs }}
{{$k}}: {{$v}}
{{- end}}
extraArgs:
{{- range $i, $val := printMapInOrder .Options ": " }}
{{- range $i, $val := printMapInOrder .ExtraArgs ": " }}
{{$val}}
{{- end}}
{{end -}}
Expand All @@ -52,8 +55,6 @@ kind: ClusterConfiguration
{{end -}}{{end -}}
certificatesDir: {{.CertDir}}
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "{{.AdvertiseAddress}}"]
controlPlaneEndpoint: localhost:{{.APIServerPort}}
controllerManager: {}
dns:
18 changes: 10 additions & 8 deletions pkg/minikube/bootstrapper/bsutil/kubeadm.go
Expand Up @@ -23,6 +23,7 @@ import (
"path"

"github.com/blang/semver"
"github.com/golang/glog"
"github.com/pkg/errors"
"k8s.io/minikube/pkg/minikube/bootstrapper/bsutil/ktmpl"
"k8s.io/minikube/pkg/minikube/config"
Expand All @@ -48,11 +49,6 @@ func GenerateKubeadmYAML(mc config.MachineConfig, r cruntime.Manager) ([]byte, e
return nil, errors.Wrap(err, "parses feature gate config for kubeadm and component")
}

extraComponentConfig, err := createExtraComponentConfig(k8s.ExtraOptions, version, componentFeatureArgs)
if err != nil {
return nil, errors.Wrap(err, "generating extra component config for kubeadm")
}

// In case of no port assigned, use default
cp, err := config.PrimaryControlPlane(mc)
if err != nil {
Expand All @@ -63,6 +59,11 @@ func GenerateKubeadmYAML(mc config.MachineConfig, r cruntime.Manager) ([]byte, e
nodePort = constants.APIServerPort
}

componentOpts, err := createExtraComponentConfig(k8s.ExtraOptions, version, componentFeatureArgs, cp)
if err != nil {
return nil, errors.Wrap(err, "generating extra component config for kubeadm")
}

opts := struct {
CertDir string
ServiceCIDR string
Expand All @@ -76,7 +77,7 @@ func GenerateKubeadmYAML(mc config.MachineConfig, r cruntime.Manager) ([]byte, e
DNSDomain string
CRISocket string
ImageRepository string
ExtraArgs []componentExtraArgs
ComponentOptions []componentOptions
FeatureArgs map[string]bool
NoTaintMaster bool
}{
Expand All @@ -91,7 +92,7 @@ func GenerateKubeadmYAML(mc config.MachineConfig, r cruntime.Manager) ([]byte, e
NodeName: cp.Name,
CRISocket: r.SocketPath(),
ImageRepository: k8s.ImageRepository,
ExtraArgs: extraComponentConfig,
ComponentOptions: componentOpts,
FeatureArgs: kubeadmFeatureArgs,
NoTaintMaster: false, // That does not work with k8s 1.12+
DNSDomain: k8s.DNSDomain,
Expand All @@ -115,10 +116,11 @@ func GenerateKubeadmYAML(mc config.MachineConfig, r cruntime.Manager) ([]byte, e
if version.GTE(semver.MustParse("1.17.0")) {
configTmpl = ktmpl.V1Beta2
}
glog.Infof("kubeadm options: %+v", opts)
if err := configTmpl.Execute(&b, opts); err != nil {
return nil, err
}

glog.Infof("kubeadm config:\n%s\n", b.String())
return b.Bytes(), nil
}
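Review bot: The two added `glog.Infof` calls in GenerateKubeadmYAML write the whole option struct and then the rendered kubeadm config to the log at the default Info level. Both contain the user-supplied extra component arguments, which may hold sensitive values depending on what is passed for the apiserver or other components, and logs are often shared when reporting problems. The two lines also carry the same data twice. I would keep only the rendered config and gate it behind verbosity, e.g. `glog.V(1).Infof("kubeadm config:\n%s\n", b.String())`. The function begins outside the visible hunks.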

Expand Up @@ -18,12 +18,11 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:12345
dns:
type: CoreDNS
Expand Up @@ -18,12 +18,11 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:8443
dns:
type: CoreDNS
Expand Up @@ -18,12 +18,11 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:8443
dns:
type: CoreDNS
Expand Up @@ -18,6 +18,7 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
fail-no-swap: "true"
Expand All @@ -32,8 +33,6 @@ scheduler:
scheduler-name: "mini-scheduler"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:8443
dns:
type: CoreDNS
3 changes: 1 addition & 2 deletions pkg/minikube/bootstrapper/bsutil/testdata/v1.14/crio.yaml
Expand Up @@ -18,12 +18,11 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:8443
dns:
type: CoreDNS
3 changes: 1 addition & 2 deletions pkg/minikube/bootstrapper/bsutil/testdata/v1.14/default.yaml
Expand Up @@ -18,12 +18,11 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:8443
dns:
type: CoreDNS
3 changes: 1 addition & 2 deletions pkg/minikube/bootstrapper/bsutil/testdata/v1.14/dns.yaml
Expand Up @@ -18,12 +18,11 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:8443
dns:
type: CoreDNS
Expand Up @@ -19,12 +19,11 @@ apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
imageRepository: test/repo
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:8443
dns:
type: CoreDNS
3 changes: 1 addition & 2 deletions pkg/minikube/bootstrapper/bsutil/testdata/v1.14/options.yaml
Expand Up @@ -18,6 +18,7 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
fail-no-swap: "true"
Expand All @@ -29,8 +30,6 @@ scheduler:
scheduler-name: "mini-scheduler"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:8443
dns:
type: CoreDNS
Expand Up @@ -18,12 +18,11 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:12345
dns:
type: CoreDNS
Expand Up @@ -18,12 +18,11 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:8443
dns:
type: CoreDNS
Expand Up @@ -18,12 +18,11 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:8443
dns:
type: CoreDNS
Expand Up @@ -18,6 +18,7 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
fail-no-swap: "true"
Expand All @@ -32,8 +33,6 @@ scheduler:
scheduler-name: "mini-scheduler"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:8443
dns:
type: CoreDNS
3 changes: 1 addition & 2 deletions pkg/minikube/bootstrapper/bsutil/testdata/v1.15/crio.yaml
Expand Up @@ -18,12 +18,11 @@ nodeRegistration:
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
extraArgs:
enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
certificatesDir: /var/lib/minikube/certs
clusterName: kubernetes
apiServer:
certSANs: ["127.0.0.1", "localhost", "1.1.1.1"]
controlPlaneEndpoint: localhost:8443
dns:
type: CoreDNS