-
Notifications
You must be signed in to change notification settings - Fork 38.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
kubeadm: FeatureGate MergeCLIArgumentsWithConfig is added for ignorePreflightErrors #119946
kubeadm: FeatureGate MergeCLIArgumentsWithConfig is added for ignorePreflightErrors #119946
Conversation
Please note that we're already in Test Freeze for the Fast forwards are scheduled to happen every 6 hours, whereas the most recent run was: Tue Aug 15 04:36:57 UTC 2023. |
/hold adding a feature gate. |
@chendave note how we added a deprecated FG here: we can use the same pattern IMO |
c231254
to
6cbb7a3
Compare
ignore-preflight-errors
flag will replace the value from config file6cbb7a3
to
e64fa10
Compare
e64fa10
to
167fadb
Compare
/unhold |
e3b9a4e
to
c6932e8
Compare
I must tweak a little bit around those related testcases. @neolit123 @SataQiu @pacoxu pls review if you have time. I think all testcases should pass now. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks for the update @chendave
this definitely needs more eyes.
the FG name and mechanism SGMT.
added a couple of questions related to side changes around join_*.
cmd/kubeadm/app/cmd/join.go
Outdated
initCfg := &kubeadmapi.InitConfiguration{} | ||
// If the cfg is not valid config, e.g. this might be a fake config defined in testcase, then lazily fetch `InitConfiguration` until it's really used. | ||
if tlsBootstrapCfg == nil { | ||
if tlsBootstrapCfg, err = discovery.For(cfg); err == nil { | ||
if initCfg, err = fetchInitConfigurationFromJoinConfiguration(cfg, tlsBootstrapCfg); err != nil { | ||
return nil, err | ||
} | ||
} | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hm, wouldn't this result in the init config being fetched always?
how do we know if this is a test config?
also why not add this below:
if _, err := os.Stat(adminKubeConfigPath); err == nil && opt.controlPlane {
// use the admin.conf as tlsBootstrapCfg, that is the kubeconfig file used for reading the kubeadm-config during discovery
klog.V(1).Infof("[preflight] found %s. Use it for skipping discovery", adminKubeConfigPath)
tlsBootstrapCfg, err = clientcmd.LoadFromFile(adminKubeConfigPath)
if err != nil {
return nil, errors.Wrapf(err, "Error loading %s", adminKubeConfigPath)
}
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hm, wouldn't this result in the init config being fetched always?
we cannot get the FG defined from a init config if there is no such config.
how do we know if this is a test config?
if this is not a test config and an error is hit, then initCfg would be an empty config, then initCfg could be fetched again when it is needed.
also why not add this below:
do you mean fetching the config only it's a control plane && admin kubeconfig exist? sorry, I cannot get it, is there any benefit for us to move those code up?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hm, wouldn't this result in the init config being fetched always?
we cannot get the FG defined from a init config if there is no such config.
this is pain, is there anyway for us to workaround this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do you mean fetching the config only it's a control plane && admin kubeconfig exist? sorry, I cannot get it, is there any benefit for us to move those code up?
no just putting the login closer to the block i posted here
#119946 (comment)
core organization wise
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i don't think we are understanding each other very well here.
the above logic and comment in the code confused me, but i think you might want to ignore my question for now, because i'm doing N things at once and don't have enough time to have a look at this PR more today.
if you think it's the right thing to do, leave it like so and other reviewers will also have a look.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@neolit123 take your time, this is not urgent I think, thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hm, wouldn't this result in the init config being fetched always?
this should be, the reason is we need to get the initCfg
from cluster, so that we can get the FeatureGates
from the initCfg
.
here is the code:
ignorePreflightErrorsSet, err := validation.ValidateIgnorePreflightErrors(initCfg.FeatureGates, opt.ignorePreflightErrors, cfg.NodeRegistration.IgnorePreflightErrors)
Because of that, I add a parameter lazilyFetchInitCfg
here to keep the original testcase unimpacted, the testcases there expected to lazily fetch a initConfiguration
, I think that is because testcase should not interact with the cluster.
no just putting the login closer to the block i posted here
hmm, looks like I cannot move this piece of code up, because the code must under the cfg
, I need the cfg
to get the cfg.NodeRegistration.IgnorePreflightErrors
as well.
cfg, err := configutil.LoadOrDefaultJoinConfiguration(opt.cfgPath, opt.externalcfg)
cmd/kubeadm/app/cmd/join_test.go
Outdated
// set the controlPlane to true to bypass the discovery of a tlsBootstrapCfg from the JoinConfiguration, this could be opt-out by the flag defined in the testcases. | ||
joinOptions.controlPlane = true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can you please elaborate on why this controlPlane field bypasses the discovery of a tlsBootstrapCfg? is it because the tlsBootstrapCfg local var will be nil if there is no admin.conf?
i got a bit lost on this one. maybe more details in the comment are needed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
overall, we want to bypass the logic to get the tlsBootstrapCfg
from a cluster, unittest shouldn't do that (interact with a cluster to fetch something from a cluster).
if tlsBootstrapCfg == nil {
if tlsBootstrapCfg, err = discovery.For(cfg); err == nil {
set the controlplane will help to set tlsBootstrapCfg
and hence skip this step.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since I added a new parameter lazilyFetchInitCfg
in the function of newJoinData
, so those change are not needed anymore.
0d046d1
to
9a8b373
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/approve
/hold
/triage accepted
generally LGTM. needs another reviewer!
please double check the logic around:
https://github.com/kubernetes/kubernetes/pull/119946/files#r1315679568
9a8b373
to
f6ac3c9
Compare
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: chendave, neolit123 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
cmd/kubeadm/app/features/features.go
Outdated
@@ -38,13 +38,19 @@ const ( | |||
EtcdLearnerMode = "EtcdLearnerMode" | |||
// UpgradeAddonsBeforeControlPlane is expected to be in deprecated in v1.28 and will be removed in future release | |||
UpgradeAddonsBeforeControlPlane = "UpgradeAddonsBeforeControlPlane" | |||
// MergeCLIArgumentsWithConfig in deprecated in v1.29 and is expected to be removed in 1.30 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
typo here.
…reflightErrors Turn on FeatureGate MergeCLIArgumentsWithConfig to keep the legacy way of management of ignorePreflightErrors, which means the value defined by the flag `ignore-preflight-errors` will be merged with the value `ignorePreflightErrors` defined in the config file. Otherwise, the value defined by the flag will replace the value from the config file if set. Signed-off-by: Dave Chen <dave.chen@arm.com>
f6ac3c9
to
8009530
Compare
/lgtm |
LGTM label has been added. Git tree hash: dc12011e34940d0cffc7ff92e2512eba2d97cc38
|
/unhold thanks guys for the review! |
Turn on FeatureGate
MergeCLIArgumentsWithConfig
to keep the legacy way of management ofignorePreflightErrors
, which means the value defined by the flagignore-preflight-errors
will be merged with the valueignorePreflightErrors
defined in the config file.Otherwise, the value defined by the flag will replace the value from the config file if set.
/kind feature
ref: #113583 (comment)
What type of PR is this?
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: