-
Notifications
You must be signed in to change notification settings - Fork 38.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add standalone npd on GCI. #40206
Add standalone npd on GCI. #40206
Conversation
@@ -298,6 +298,8 @@ func ClusterRoleBindings() []rbac.ClusterRoleBinding { | |||
rbac.NewClusterBinding("system:node").Groups(user.NodesGroup).BindingOrDie(), | |||
rbac.NewClusterBinding("system:node-proxier").Users(user.KubeProxy).BindingOrDie(), | |||
rbac.NewClusterBinding("system:kube-controller-manager").Users(user.KubeControllerManager).BindingOrDie(), | |||
// FIXME: Define me in yaml. | |||
rbac.NewClusterBinding("system:node-problem-detector").Users(user.NodeProblemDetector).BindingOrDie(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe something more like https://github.com/kubernetes/kubernetes/pull/40760/files#diff-6e3b476b9225d1213dc6ad13e453fc16R1138 ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done. :)
def05b4
to
36ae368
Compare
36ae368
to
8ba57d6
Compare
@dchen1107 This PR is ready for review. But note that before merging this PR, we need to merge all pending PRs in npd, and release the v0.3.0-alpha.1 version of NPD. /cc @liggitt Please take a look at the RBAC role binding. I put it in the addon directory now. |
c427a18
to
0255b8b
Compare
0255b8b
to
d40c0a7
Compare
Please update your pr description above:
I believe the issue is resolved in this pr.
I believe those dependent prs are merged. |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED The following people have approved this PR: Random-Liu, dchen1107 Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
Apply LGTM based on #40206 (comment). |
Automatic merge from submit-queue |
…ault Automatic merge from submit-queue Add an env KUBE_ENABLE_MASTER_NOSCHEDULE_TAINT and disable it by default This PR changed master `NoSchedule` taint to opt-in. As is discussed with @bgrant0607 @janetkuo, `NoSchedule` master taint breaks existing user workload, we should not enable it by default. Previously, NPD required the taint because it can only support one OS distro with a specific configuration. If master and node are using different OS distros, NPD will not work either on master or node. However, we've already fixed this in #40206, so for NPD it's fine to disable the taint. This should work, but I'll still try it in my cluster to confirm. @kubernetes/sig-scheduling-misc @dchen1107 @mikedanese
This PR added standalone NPD in GCE GCI cluster. I already verified the PR, and it should work.
/cc @dchen1107 @fabioy @andyxning @kubernetes/sig-node-misc
Release note: