Update kube-vip spec in cluster templates to adopt k8s 1.29 (#1798)

Makefile

@@ -187,15 +187,15 @@ generate-go-conversions: $(CONVERSION_GEN) ## Generate conversions go code
 		--go-header-file=./hack/boilerplate/boilerplate.generatego.txt
 
 .PHONY: generate-templates
-generate-templates: $(KUSTOMIZE)
+generate-templates: $(KUSTOMIZE) ## Generate cluster templates
 	$(KUSTOMIZE) build $(TEMPLATES_DIR)/cluster-template --load-restrictor LoadRestrictionsNone > $(TEMPLATES_DIR)/cluster-template.yaml
 	$(KUSTOMIZE) build $(TEMPLATES_DIR)/cluster-template-powervs --load-restrictor LoadRestrictionsNone > $(TEMPLATES_DIR)/cluster-template-powervs.yaml
 	$(KUSTOMIZE) build $(TEMPLATES_DIR)/cluster-template-powervs-cloud-provider --load-restrictor LoadRestrictionsNone > $(TEMPLATES_DIR)/cluster-template-powervs-cloud-provider.yaml
 	$(KUSTOMIZE) build $(TEMPLATES_DIR)/cluster-template-powervs-clusterclass --load-restrictor LoadRestrictionsNone > $(TEMPLATES_DIR)/cluster-template-powervs-clusterclass.yaml
 	$(KUSTOMIZE) build $(TEMPLATES_DIR)/cluster-template-vpc-clusterclass --load-restrictor LoadRestrictionsNone > $(TEMPLATES_DIR)/cluster-template-vpc-clusterclass.yaml
 
 .PHONY: generate-e2e-templates
-generate-e2e-templates: $(KUSTOMIZE)
+generate-e2e-templates: $(KUSTOMIZE) ## Generate E2E cluster templates
 ifeq ($(E2E_FLAVOR), powervs-md-remediation)
 	$(KUSTOMIZE) build $(E2E_TEMPLATES)/cluster-template-powervs-md-remediation --load-restrictor LoadRestrictionsNone > $(E2E_TEMPLATES)/cluster-template-powervs-md-remediation.yaml
 else

templates/bases/powervs/kcp.yaml

@@ -47,6 +47,9 @@ spec:
       - echo "127.0.0.1   localhost" >>/etc/hosts
       - echo "127.0.0.1   {{ v1.local_hostname }}" >>/etc/hosts
       - echo "{{ v1.local_hostname }}" >/etc/hostname
+      - mkdir -p /etc/pre-kubeadm-commands
+      - for script in $(find /etc/pre-kubeadm-commands/ -name '*.sh' -type f | sort);
+        do echo "Running script $script"; "$script"; done
     files:
       - path: /etc/kubernetes/manifests/kube-vip.yaml
         content: |
@@ -87,7 +90,7 @@ spec:
                 value: "1"
               - name: address
                 value: "${IBMPOWERVS_VIP}"
-              image: ghcr.io/kube-vip/kube-vip:v0.4.4
+              image: ghcr.io/kube-vip/kube-vip:v0.8.0
               imagePullPolicy: Always
               name: kube-vip
               resources: {}
@@ -99,18 +102,71 @@ spec:
               volumeMounts:
               - mountPath: /etc/kubernetes/admin.conf
                 name: kubeconfig
-            hostAliases:
-            - hostnames:
-              - kubernetes
-              ip: 127.0.0.1
+              - mountPath: /etc/hosts
+                name: etchosts
             hostNetwork: true
             volumes:
             - hostPath:
                 path: /etc/kubernetes/admin.conf
               name: kubeconfig
+            - hostPath:
+                path: /etc/kube-vip.hosts
+                type: File
+              name: etchosts
           status: {}
         owner: "root:root"
         permissions: "0744"
+      - content: 127.0.0.1 localhost kubernetes
+        owner: root:root
+        path: /etc/kube-vip.hosts
+        permissions: "0644"
+      - content: |
+          #!/bin/bash
+    
+          # Copyright 2020 The Kubernetes Authors.
+          #
+          # Licensed under the Apache License, Version 2.0 (the "License");
+          # you may not use this file except in compliance with the License.
+          # You may obtain a copy of the License at
+          #
+          #     http://www.apache.org/licenses/LICENSE-2.0
+          #
+          # Unless required by applicable law or agreed to in writing, software
+          # distributed under the License is distributed on an "AS IS" BASIS,
+          # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+          # See the License for the specific language governing permissions and
+          # limitations under the License.
+
+          set -e
+
+          # Configure the workaround required for kubeadm init with kube-vip:
+          # xref: https://github.com/kube-vip/kube-vip/issues/684
+
+          # Nothing to do for kubernetes < v1.29
+          KUBEADM_MINOR="$(kubeadm version -o short | cut -d '.' -f 2)"
+          if [[ "$KUBEADM_MINOR" -lt "29" ]]; then
+            exit 0
+          fi
+
+          IS_KUBEADM_INIT="false"
+
+          # cloud-init kubeadm init
+          if [[ -f /run/kubeadm/kubeadm.yaml ]]; then
+            IS_KUBEADM_INIT="true"
+          fi
+
+          # ignition kubeadm init
+          if [[ -f /etc/kubeadm.sh ]] && grep -q -e "kubeadm init" /etc/kubeadm.sh; then
+            IS_KUBEADM_INIT="true"
+          fi
+
+          if [[ "$IS_KUBEADM_INIT" == "true" ]]; then
+            sed -i 's#path: /etc/kubernetes/admin.conf#path: /etc/kubernetes/super-admin.conf#' \
+              /etc/kubernetes/manifests/kube-vip.yaml
+          fi
+        owner: root:root
+        path: /etc/pre-kubeadm-commands/50-kube-vip-prepare.sh
+        permissions: "0700"
 ---
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
 kind: IBMPowerVSMachineTemplate

templates/cluster-template-powervs-cloud-provider.yaml

@@ -94,7 +94,7 @@ spec:
               value: "1"
             - name: address
               value: "${IBMPOWERVS_VIP}"
-            image: ghcr.io/kube-vip/kube-vip:v0.4.4
+            image: ghcr.io/kube-vip/kube-vip:v0.8.0
             imagePullPolicy: Always
             name: kube-vip
             resources: {}
@@ -106,19 +106,72 @@ spec:
             volumeMounts:
             - mountPath: /etc/kubernetes/admin.conf
               name: kubeconfig
-          hostAliases:
-          - hostnames:
-            - kubernetes
-            ip: 127.0.0.1
+            - mountPath: /etc/hosts
+              name: etchosts
           hostNetwork: true
           volumes:
           - hostPath:
               path: /etc/kubernetes/admin.conf
             name: kubeconfig
+          - hostPath:
+              path: /etc/kube-vip.hosts
+              type: File
+            name: etchosts
         status: {}
       owner: root:root
       path: /etc/kubernetes/manifests/kube-vip.yaml
       permissions: "0744"
+    - content: 127.0.0.1 localhost kubernetes
+      owner: root:root
+      path: /etc/kube-vip.hosts
+      permissions: "0644"
+    - content: |
+        #!/bin/bash
+
+        # Copyright 2020 The Kubernetes Authors.
+        #
+        # Licensed under the Apache License, Version 2.0 (the "License");
+        # you may not use this file except in compliance with the License.
+        # You may obtain a copy of the License at
+        #
+        #     http://www.apache.org/licenses/LICENSE-2.0
+        #
+        # Unless required by applicable law or agreed to in writing, software
+        # distributed under the License is distributed on an "AS IS" BASIS,
+        # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+        # See the License for the specific language governing permissions and
+        # limitations under the License.
+
+        set -e
+
+        # Configure the workaround required for kubeadm init with kube-vip:
+        # xref: https://github.com/kube-vip/kube-vip/issues/684
+
+        # Nothing to do for kubernetes < v1.29
+        KUBEADM_MINOR="$(kubeadm version -o short | cut -d '.' -f 2)"
+        if [[ "$KUBEADM_MINOR" -lt "29" ]]; then
+          exit 0
+        fi
+
+        IS_KUBEADM_INIT="false"
+
+        # cloud-init kubeadm init
+        if [[ -f /run/kubeadm/kubeadm.yaml ]]; then
+          IS_KUBEADM_INIT="true"
+        fi
+
+        # ignition kubeadm init
+        if [[ -f /etc/kubeadm.sh ]] && grep -q -e "kubeadm init" /etc/kubeadm.sh; then
+          IS_KUBEADM_INIT="true"
+        fi
+
+        if [[ "$IS_KUBEADM_INIT" == "true" ]]; then
+          sed -i 's#path: /etc/kubernetes/admin.conf#path: /etc/kubernetes/super-admin.conf#' \
+            /etc/kubernetes/manifests/kube-vip.yaml
+        fi
+      owner: root:root
+      path: /etc/pre-kubeadm-commands/50-kube-vip-prepare.sh
+      permissions: "0700"
     initConfiguration:
       nodeRegistration:
         criSocket: /var/run/containerd/containerd.sock
@@ -145,6 +198,9 @@ spec:
     - echo "127.0.0.1   localhost" >>/etc/hosts
     - echo "127.0.0.1   {{ v1.local_hostname }}" >>/etc/hosts
     - echo "{{ v1.local_hostname }}" >/etc/hostname
+    - mkdir -p /etc/pre-kubeadm-commands
+    - for script in $(find /etc/pre-kubeadm-commands/ -name '*.sh' -type f | sort);
+      do echo "Running script $script"; "$script"; done
     useExperimentalRetryJoin: true
   machineTemplate:
     infrastructureRef:

templates/cluster-template-powervs-clusterclass.yaml

@@ -133,7 +133,7 @@ spec:
                   value: "1"
                 - name: address
                   value: "${IBMPOWERVS_VIP}"
-                image: ghcr.io/kube-vip/kube-vip:v0.4.4
+                image: ghcr.io/kube-vip/kube-vip:v0.8.0
                 imagePullPolicy: Always
                 name: kube-vip
                 resources: {}
@@ -145,19 +145,72 @@ spec:
                 volumeMounts:
                 - mountPath: /etc/kubernetes/admin.conf
                   name: kubeconfig
-              hostAliases:
-              - hostnames:
-                - kubernetes
-                ip: 127.0.0.1
+                - mountPath: /etc/hosts
+                  name: etchosts
               hostNetwork: true
               volumes:
               - hostPath:
                   path: /etc/kubernetes/admin.conf
                 name: kubeconfig
+              - hostPath:
+                  path: /etc/kube-vip.hosts
+                  type: File
+                name: etchosts
             status: {}
           owner: root:root
           path: /etc/kubernetes/manifests/kube-vip.yaml
           permissions: "0744"
+        - content: 127.0.0.1 localhost kubernetes
+          owner: root:root
+          path: /etc/kube-vip.hosts
+          permissions: "0644"
+        - content: |
+            #!/bin/bash
+
+            # Copyright 2020 The Kubernetes Authors.
+            #
+            # Licensed under the Apache License, Version 2.0 (the "License");
+            # you may not use this file except in compliance with the License.
+            # You may obtain a copy of the License at
+            #
+            #     http://www.apache.org/licenses/LICENSE-2.0
+            #
+            # Unless required by applicable law or agreed to in writing, software
+            # distributed under the License is distributed on an "AS IS" BASIS,
+            # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+            # See the License for the specific language governing permissions and
+            # limitations under the License.
+
+            set -e
+
+            # Configure the workaround required for kubeadm init with kube-vip:
+            # xref: https://github.com/kube-vip/kube-vip/issues/684
+
+            # Nothing to do for kubernetes < v1.29
+            KUBEADM_MINOR="$(kubeadm version -o short | cut -d '.' -f 2)"
+            if [[ "$KUBEADM_MINOR" -lt "29" ]]; then
+              exit 0
+            fi
+
+            IS_KUBEADM_INIT="false"
+
+            # cloud-init kubeadm init
+            if [[ -f /run/kubeadm/kubeadm.yaml ]]; then
+              IS_KUBEADM_INIT="true"
+            fi
+
+            # ignition kubeadm init
+            if [[ -f /etc/kubeadm.sh ]] && grep -q -e "kubeadm init" /etc/kubeadm.sh; then
+              IS_KUBEADM_INIT="true"
+            fi
+
+            if [[ "$IS_KUBEADM_INIT" == "true" ]]; then
+              sed -i 's#path: /etc/kubernetes/admin.conf#path: /etc/kubernetes/super-admin.conf#' \
+                /etc/kubernetes/manifests/kube-vip.yaml
+            fi
+          owner: root:root
+          path: /etc/pre-kubeadm-commands/50-kube-vip-prepare.sh
+          permissions: "0700"
         initConfiguration:
           nodeRegistration:
             criSocket: unix:///var/run/containerd/containerd.sock
@@ -184,6 +237,8 @@ spec:
         - echo "127.0.0.1   localhost" >>/etc/hosts
         - echo "127.0.0.1   {{ v1.local_hostname }}" >>/etc/hosts
         - echo "{{ v1.local_hostname }}" >/etc/hostname
+        - for script in $(find /etc/pre-kubeadm-commands/ -name '*.sh' -type f | sort);
+          do echo "Running script $script"; "$script"; done
         useExperimentalRetryJoin: true
 ---
 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1

templates/cluster-template-powervs-clusterclass/cluster-with-kcp.yaml

@@ -133,7 +133,7 @@ spec:
                     value: "1"
                   - name: address
                     value: "${IBMPOWERVS_VIP}"
-                  image: ghcr.io/kube-vip/kube-vip:v0.4.4
+                  image: ghcr.io/kube-vip/kube-vip:v0.8.0
                   imagePullPolicy: Always
                   name: kube-vip
                   resources: {}
@@ -145,19 +145,72 @@ spec:
                   volumeMounts:
                   - mountPath: /etc/kubernetes/admin.conf
                     name: kubeconfig
-                hostAliases:
-                - hostnames:
-                  - kubernetes
-                  ip: 127.0.0.1
+                  - mountPath: /etc/hosts
+                    name: etchosts
                 hostNetwork: true
                 volumes:
                 - hostPath:
                     path: /etc/kubernetes/admin.conf
                   name: kubeconfig
+                - hostPath:
+                    path: /etc/kube-vip.hosts
+                    type: File
+                  name: etchosts
               status: {}
             owner: root:root
             path: /etc/kubernetes/manifests/kube-vip.yaml
             permissions: "0744"
+          - content: 127.0.0.1 localhost kubernetes
+            owner: root:root
+            path: /etc/kube-vip.hosts
+            permissions: "0644"
+          - content: |
+              #!/bin/bash
+      
+              # Copyright 2020 The Kubernetes Authors.
+              #
+              # Licensed under the Apache License, Version 2.0 (the "License");
+              # you may not use this file except in compliance with the License.
+              # You may obtain a copy of the License at
+              #
+              #     http://www.apache.org/licenses/LICENSE-2.0
+              #
+              # Unless required by applicable law or agreed to in writing, software
+              # distributed under the License is distributed on an "AS IS" BASIS,
+              # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+              # See the License for the specific language governing permissions and
+              # limitations under the License.
+
+              set -e
+
+              # Configure the workaround required for kubeadm init with kube-vip:
+              # xref: https://github.com/kube-vip/kube-vip/issues/684
+
+              # Nothing to do for kubernetes < v1.29
+              KUBEADM_MINOR="$(kubeadm version -o short | cut -d '.' -f 2)"
+              if [[ "$KUBEADM_MINOR" -lt "29" ]]; then
+                exit 0
+              fi
+
+              IS_KUBEADM_INIT="false"
+
+              # cloud-init kubeadm init
+              if [[ -f /run/kubeadm/kubeadm.yaml ]]; then
+                IS_KUBEADM_INIT="true"
+              fi
+
+              # ignition kubeadm init
+              if [[ -f /etc/kubeadm.sh ]] && grep -q -e "kubeadm init" /etc/kubeadm.sh; then
+                IS_KUBEADM_INIT="true"
+              fi
+
+              if [[ "$IS_KUBEADM_INIT" == "true" ]]; then
+                sed -i 's#path: /etc/kubernetes/admin.conf#path: /etc/kubernetes/super-admin.conf#' \
+                  /etc/kubernetes/manifests/kube-vip.yaml
+              fi
+            owner: root:root
+            path: /etc/pre-kubeadm-commands/50-kube-vip-prepare.sh
+            permissions: "0700"
         initConfiguration:
           nodeRegistration:
             criSocket: unix:///var/run/containerd/containerd.sock
@@ -184,4 +237,6 @@ spec:
           - echo "127.0.0.1   localhost" >>/etc/hosts
           - echo "127.0.0.1   {{ v1.local_hostname }}" >>/etc/hosts
           - echo "{{ v1.local_hostname }}" >/etc/hostname
+          - for script in $(find /etc/pre-kubeadm-commands/ -name '*.sh' -type f | sort);
+            do echo "Running script $script"; "$script"; done
         useExperimentalRetryJoin: true