From fd9c9e6899676ff9191a1760bf65ab68dcda8728 Mon Sep 17 00:00:00 2001 From: Viktor Safronov Date: Mon, 6 Aug 2018 13:55:55 +0300 Subject: [PATCH] Revert "Remove untainting logic." This reverts a part of commit eec47aaa714411df451b111e4a3b8ce7c08674a0. --- pkg/minikube/bootstrapper/kubeadm/kubeadm.go | 8 +++ pkg/minikube/bootstrapper/kubeadm/util.go | 56 +++++++++++++++++++- 2 files changed, 63 insertions(+), 1 deletion(-) diff --git a/pkg/minikube/bootstrapper/kubeadm/kubeadm.go b/pkg/minikube/bootstrapper/kubeadm/kubeadm.go index d6270baadecc..494311ff1e4d 100644 --- a/pkg/minikube/bootstrapper/kubeadm/kubeadm.go +++ b/pkg/minikube/bootstrapper/kubeadm/kubeadm.go @@ -135,6 +135,14 @@ func (k *KubeadmBootstrapper) StartCluster(k8s config.KubernetesConfig) error { return errors.Wrapf(err, "kubeadm init error %s running command: %s", b.String(), out) } + if version.LT(semver.MustParse("1.10.0-alpha.0")) { + //TODO(r2d4): get rid of global here + master = k8s.NodeName + if err := util.RetryAfter(200, unmarkMaster, time.Second*1); err != nil { + return errors.Wrap(err, "timed out waiting to unmark master") + } + } + if err := util.RetryAfter(100, elevateKubeSystemPrivileges, time.Millisecond*500); err != nil { return errors.Wrap(err, "timed out waiting to elevate kube-system RBAC privileges") } diff --git a/pkg/minikube/bootstrapper/kubeadm/util.go b/pkg/minikube/bootstrapper/kubeadm/util.go index 6cec153af1f0..2eb59d74e4d7 100644 --- a/pkg/minikube/bootstrapper/kubeadm/util.go +++ b/pkg/minikube/bootstrapper/kubeadm/util.go @@ -18,24 +18,78 @@ package kubeadm import ( "bytes" + "encoding/json" "html/template" "strings" "github.com/golang/glog" "github.com/pkg/errors" + clientv1 "k8s.io/api/core/v1" rbacv1beta1 "k8s.io/api/rbac/v1beta1" + apierrs "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/strategicpatch" "k8s.io/minikube/pkg/minikube/config" "k8s.io/minikube/pkg/minikube/service" "k8s.io/minikube/pkg/util" ) const ( - rbacName = "minikube-rbac" + masterTaint = "node-role.kubernetes.io/master" + rbacName = "minikube-rbac" ) +var master = "" + +func unmarkMaster() error { + k8s := service.K8s + client, err := k8s.GetCoreClient() + if err != nil { + return errors.Wrap(err, "getting core client") + } + n, err := client.Nodes().Get(master, v1.GetOptions{}) + if err != nil { + return errors.Wrapf(err, "getting node %s", master) + } + + oldData, err := json.Marshal(n) + if err != nil { + return errors.Wrap(err, "json marshalling data before patch") + } + + newTaints := []clientv1.Taint{} + for _, taint := range n.Spec.Taints { + if taint.Key == masterTaint { + continue + } + + newTaints = append(newTaints, taint) + } + n.Spec.Taints = newTaints + + newData, err := json.Marshal(n) + if err != nil { + return errors.Wrapf(err, "json marshalling data after patch") + } + + patchBytes, err := strategicpatch.CreateTwoWayMergePatch(oldData, newData, clientv1.Node{}) + if err != nil { + return errors.Wrap(err, "creating strategic patch") + } + + if _, err := client.Nodes().Patch(n.Name, types.StrategicMergePatchType, patchBytes); err != nil { + if apierrs.IsConflict(err) { + return errors.Wrap(err, "strategic patch conflict") + } + return errors.Wrap(err, "applying strategic patch") + } + + return nil +} + // elevateKubeSystemPrivileges gives the kube-system service account // cluster admin privileges to work with RBAC. func elevateKubeSystemPrivileges() error {