New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
support imagePullSecrets and imagePullPolicy in kubefed init #50740
support imagePullSecrets and imagePullPolicy in kubefed init #50740
Conversation
Hi @dixudx. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
3007cbe
to
9d6db2d
Compare
/cc @kubernetes/sig-federation-pr-reviews |
federation/pkg/kubefed/init/init.go
Outdated
@@ -159,6 +161,8 @@ type initFederationOptions struct { | |||
func (o *initFederationOptions) Bind(flags *pflag.FlagSet, defaultServerImage, defaultEtcdImage string) { | |||
flags.StringVar(&o.dnsZoneName, "dns-zone-name", "", "DNS suffix for this federation. Federated Service DNS names are published with this suffix.") | |||
flags.StringVar(&o.serverImage, "image", defaultServerImage, "Image to use for federation API server and controller manager binaries.") | |||
flags.StringVar(&o.imagePullPolicy, "imagePullPolicy", string(api.PullIfNotPresent), "PullPolicy describes a policy for if/when to pull a container image. The default pull policy is IfNotPresent which will not pull an image if it already exists.") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd prefer we use image-pull-policy
as the flag
federation/pkg/kubefed/init/init.go
Outdated
@@ -159,6 +161,8 @@ type initFederationOptions struct { | |||
func (o *initFederationOptions) Bind(flags *pflag.FlagSet, defaultServerImage, defaultEtcdImage string) { | |||
flags.StringVar(&o.dnsZoneName, "dns-zone-name", "", "DNS suffix for this federation. Federated Service DNS names are published with this suffix.") | |||
flags.StringVar(&o.serverImage, "image", defaultServerImage, "Image to use for federation API server and controller manager binaries.") | |||
flags.StringVar(&o.imagePullPolicy, "imagePullPolicy", string(api.PullIfNotPresent), "PullPolicy describes a policy for if/when to pull a container image. The default pull policy is IfNotPresent which will not pull an image if it already exists.") | |||
flags.StringVar(&o.imagePullSecrets, "imagePullSecrets", "", "Provide secrets that can access the private registry.") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd prefer we use image-pull-secrets
as the flag
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
SGTM. Thanks.
federation/pkg/kubefed/init/init.go
Outdated
@@ -361,7 +365,7 @@ func (i *initFederation) Run(cmdOut io.Writer, config util.AdminConfig) error { | |||
|
|||
fmt.Fprint(cmdOut, "Creating federation component deployments...") | |||
glog.V(4).Info("Creating federation control plane components") | |||
_, err = createAPIServer(hostClientset, i.commonOptions.FederationSystemNamespace, serverName, i.commonOptions.Name, i.options.serverImage, i.options.etcdImage, advertiseAddress, serverCredName, i.options.apiServerEnableHTTPBasicAuth, i.options.apiServerEnableTokenAuth, i.options.apiServerOverrides, pvc, i.options.dryRun) | |||
_, err = createAPIServer(hostClientset, i.commonOptions.FederationSystemNamespace, serverName, i.commonOptions.Name, i.options.serverImage, i.options.imagePullPolicy, i.options.imagePullSecrets, i.options.etcdImage, advertiseAddress, serverCredName, i.options.apiServerEnableHTTPBasicAuth, i.options.apiServerEnableTokenAuth, i.options.apiServerOverrides, pvc, i.options.dryRun) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Put new parameters to the end, ditto for others
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@gyliu513 I was thinking to do like this. But current params of createAPIServer
seem to get grouped by their type. Directly appending new params will break current style. WDYT?
@@ -263,6 +275,7 @@ func TestInitFederation(t *testing.T) { | |||
cmd.Flags().Set("dns-zone-name", tc.dnsZoneName) | |||
cmd.Flags().Set("image", tc.serverImage) | |||
cmd.Flags().Set("etcd-image", tc.etcdImage) | |||
cmd.Flags().Set("imagePullPolicy", tc.imagePullPolicy) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
losing image pull secrets here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
adding it in below L295.
@@ -279,6 +292,9 @@ func TestInitFederation(t *testing.T) { | |||
if tc.etcdPersistence != "true" { | |||
cmd.Flags().Set("etcd-persistent-storage", tc.etcdPersistence) | |||
} | |||
if tc.imagePullSecrets != "" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
also need to check image pull policy
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
imagePullPolicy
is set to a default value, just like serverImage
. Still need checking?
/ok-to-test |
9d6db2d
to
a9d6a52
Compare
@gyliu513 Updated. PTAL. Thanks. |
@@ -621,7 +637,7 @@ func TestCertsHTTPS(t *testing.T) { | |||
} | |||
} | |||
|
|||
func fakeInitHostFactory(apiserverServiceType v1.ServiceType, federationName, namespaceName, advertiseAddress, lbIp, dnsZoneName, serverImage, etcdImage, dnsProvider, dnsProviderConfig, etcdPersistence, etcdPVCapacity, etcdPVStorageClass, apiserverOverrideArg, cmOverrideArg, tmpDirPath string, apiserverEnableHTTPBasicAuth, apiserverEnableTokenAuth, isRBACAPIAvailable bool) (cmdutil.Factory, error) { | |||
func fakeInitHostFactory(apiserverServiceType v1.ServiceType, federationName, namespaceName, advertiseAddress, lbIp, dnsZoneName, serverImage, imagePullPolicy, imagePullSecrets, etcdImage, dnsProvider, dnsProviderConfig, etcdPersistence, etcdPVCapacity, etcdPVStorageClass, apiserverOverrideArg, cmOverrideArg, tmpDirPath string, apiserverEnableHTTPBasicAuth, apiserverEnableTokenAuth, isRBACAPIAvailable bool) (cmdutil.Factory, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
put new added parameters to the end as well.
a9d6a52
to
869c91d
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
/cc @kubernetes/sig-federation-pr-reviews
/assign @nikhiljindal @quinton-hoole |
/test pull-kubernetes-kubemark-e2e-gce |
/test pull-kubernetes-unit |
/approve |
/retest |
869c91d
to
5b7f2b3
Compare
ping @gyliu513 Rebased. Needs your |
/retest |
/assign |
ping @irfanurrehman @gyliu513 PTAL. Needs your |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dixudx, gyliu513, quinton-hoole Associated issue: 50718 The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
/test all Tests are more than 96 hours old. Re-running tests. |
/test all [submit-queue is verifying that this PR is safe to merge] |
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions here. |
What this PR does / why we need it:
Which issue this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close that issue when PR gets merged): fixes #50718Special notes for your reviewer:
/assign @gyliu513
Release note: