From 10b13948934647f0265bb552b8715e7d5ae1049d Mon Sep 17 00:00:00 2001 From: "Rostislav M. Georgiev" Date: Wed, 1 Apr 2020 17:46:30 +0300 Subject: [PATCH] kubeadm join: Wait longer for TLS bootstrapping The TLS bootstrapping timeout is increased to 5 minutes with a retry once every 5 seconds. Failing fast if the kubelet is not healthy is also preserved. Signed-off-by: Rostislav M. Georgiev --- cmd/kubeadm/app/cmd/phases/join/kubelet.go | 2 +- cmd/kubeadm/app/constants/constants.go | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/cmd/kubeadm/app/cmd/phases/join/kubelet.go b/cmd/kubeadm/app/cmd/phases/join/kubelet.go index add3ed4d8f82..c08a91d4c2ad 100644 --- a/cmd/kubeadm/app/cmd/phases/join/kubelet.go +++ b/cmd/kubeadm/app/cmd/phases/join/kubelet.go @@ -178,7 +178,7 @@ func waitForTLSBootstrappedClient() error { fmt.Println("[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...") // Loop on every falsy return. Return with an error if raised. Exit successfully if true is returned. - return wait.PollImmediate(kubeadmconstants.APICallRetryInterval, kubeadmconstants.TLSBootstrapTimeout, func() (bool, error) { + return wait.PollImmediate(kubeadmconstants.TLSBootstrapRetryInterval, kubeadmconstants.TLSBootstrapTimeout, func() (bool, error) { // Check that we can create a client set out of the kubelet kubeconfig. This ensures not // only that the kubeconfig file exists, but that other files required by it also exist (like // client certificate and key) diff --git a/cmd/kubeadm/app/constants/constants.go b/cmd/kubeadm/app/constants/constants.go index 75adf43558a5..47c2615c4a84 100644 --- a/cmd/kubeadm/app/constants/constants.go +++ b/cmd/kubeadm/app/constants/constants.go @@ -180,7 +180,9 @@ const ( // PatchNodeTimeout specifies how long kubeadm should wait for applying the label and taint on the control-plane before timing out PatchNodeTimeout = 2 * time.Minute // TLSBootstrapTimeout specifies how long kubeadm should wait for the kubelet to perform the TLS Bootstrap - TLSBootstrapTimeout = 2 * time.Minute + TLSBootstrapTimeout = 5 * time.Minute + // TLSBootstrapRetryInterval specifies how long kubeadm should wait before retrying the TLS Bootstrap check + TLSBootstrapRetryInterval = 5 * time.Second // PrepullImagesInParallelTimeout specifies how long kubeadm should wait for prepulling images in parallel before timing out PrepullImagesInParallelTimeout = 10 * time.Second