kubeadm: Remove .ImagePullPolicy from the v1alpha2 API
#64096
Conversation
k8s-ci-robot
added
release-note
k8s-ci-robot
added
area/kubeadm
release-note-action-required
| - {{ .APIServerImage }} | ||
| - {{ .ControllerManagerImage }} | ||
| - {{ .SchedulerImage }} | ||
| - {{ .EtcdImage }} (only if no external etcd endpoints are configured) | ||
| - You can check or miligate this in beforehand with "kubeadm config images pull" to make sure the images |
| @@ -76,7 +76,7 @@ func GetStaticPodSpecs(cfg *kubeadmapi.MasterConfiguration, k8sVersion *version. | |||
| kubeadmconstants.KubeAPIServer: staticpodutil.ComponentPod(v1.Container{ | |||
| Name: kubeadmconstants.KubeAPIServer, | |||
| Image: images.GetCoreImage(kubeadmconstants.KubeAPIServer, cfg.GetControlPlaneImageRepository(), cfg.KubernetesVersion, cfg.UnifiedControlPlaneImage), | |||
| ImagePullPolicy: cfg.ImagePullPolicy, | |||
| ImagePullPolicy: v1.PullIfNotPresent, | |||
There was a problem hiding this comment.
kubelet defaults to IfNotPresent if this is not set in the static pod YAML. Thus setting it here explicitly can be omitted (although it doesn't do any harm to be set explicitly here).
There was a problem hiding this comment.
I think this makes sense and cleans up a field in the API 👍.
One concern I have with this path (which admittedly is beyond this PR) is that the scope of preflight checks will expand when we start pulling images with checks. To me, that feels like they are no longer checks but preflight actions. It might be that checks are already allowed to be mutative actions, but my assertion based on the name is that they were seeing if the system was in the right state and reporting errors, not fixing it for the user.
| - {{ .APIServerImage }} | ||
| - {{ .ControllerManagerImage }} | ||
| - {{ .SchedulerImage }} | ||
| - {{ .EtcdImage }} (only if no external etcd endpoints are configured) | ||
| - You can check or miligate this in beforehand with "kubeadm config images pull" to make sure the images |
There was a problem hiding this comment.
typo in 'miligate', I assume you mean 'mitigate'. Also drop the word 'in'
k8s-ci-robot
added
the
do-not-merge/hold
k8s-ci-robot
added
the
lgtm
timothysc
removed
the
do-not-merge/hold
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: luxas, timothysc The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/retest |
We discussed this with @timothysc, and Also noteworthy is that kubernetes/kubeadm#825 is coming to prepull images in the preflight checks if images don't exist locally already. This will help us get from the place where we wait for a long time for the kubelet to pull the images, with poor UX as kubeadm can hang if there's no internet connection. These are slightly related, so hence the mentioned here. |
|
Automatic merge from submit-queue (batch tested with PRs 59414, 64096). If you want to cherry-pick this change to another branch, please follow the instructions here. |
What this PR does / why we need it:
So with
kubeadm config images list/pullI don't think we need this anymore. Also I don't like this being in our API, as I think the purpose of why it's there can be achieved in other ways.Instead, I propose to set this explicitely to
IfNotPresent, and tell the user to prepull the images withkubeadm config images pullin case of an airgapped env (ordocker loadofc) or he/she wants to achieve whatimagePullPolicy: Alwayswould do. If the images are already cached locally,IfNotPresenttranslates to the same asNever, i.e. don't pull (for ppl with no internet connection).Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Part of cleaning up the API kubernetes/community#2131
Special notes for your reviewer:
This basically reverts: #58960
Release note:
@kubernetes/sig-cluster-lifecycle-pr-reviews @rosti @liztio @chuckha