Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: coredns node uninitialized toleration #6938

Merged
merged 1 commit into from
Mar 13, 2023
Merged

feat: coredns node uninitialized toleration #6938

merged 1 commit into from
Mar 13, 2023

Conversation

sergelogvinov
Copy link
Sponsor Contributor

Launch CoreDNS even if the node is not initialized. Network is ready already, but CCM didn't finish their job.
CCM needs the dns resolver to reach the talos-api, but CoreDNS stack in toleration condition.
I didn't catch this lock before, because I used my own coredns deploy....

I remove the CriticalAddonsOnly key. It was from kubeadm bootstrap process.
We do not use it.

Pull Request

What? (description)

Why? (reasoning)

Acceptance

Please use the following checklist:

  • you linked an issue (if applicable)
  • you included tests (if applicable)
  • you ran conformance (make conformance)
  • you formatted your code (make fmt)
  • you linted your code (make lint)
  • you generated documentation (make docs)
  • you ran unit-tests (make unit-tests)

See make help for a description of the available targets.

@frezbo
Copy link
Member

frezbo commented Mar 12, 2023

isn;t ccm's deployed with hostnetwork?

@sergelogvinov
Copy link
Sponsor Contributor Author

It can be launch in both mode - with or without hostnetwork. In first case, make sense to think about port overlapping, something can use the same ports already...

But all modes do not solve service resolving inside the kubernetes...
For example - cilium uses IP, or external host name to reach the kubernetes api (k8sServiceHost value in helm chart). CoreDNS does the same in a few cases (endpoint, kubeconfig values in config).

Boot process:
node created with tenants node.kubernetes.io/network-unavailable, node.cloudprovider.kubernetes.io/uninitialized -> after successful launch CNI, node has node.cloudprovider.kubernetes.io/uninitialized (network ready already) -> coredns can starts now with CCM -> CCM resolve hosts/resources, do some job and remove uninitialized tenant -> Node fully ready.

smira
smira approved these changes Mar 13, 2023
View reviewed changes
Copy link
Member

@smira smira left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, CriticalAddonsOnly looks like a leftover from really ancient times

@sergelogvinov @smira
feat: coredns node uninitialized toleration
9948a64 
Launch CoreDNS even if the node is not initialized.
Network is ready already, but CCM didn't finish their job.

Signed-off-by: Serge Logvinov <serge.logvinov@sinextra.dev>
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
@smira
Copy link
Member

smira commented Mar 13, 2023

/ok-to-test

@smira
Copy link
Member

smira commented Mar 13, 2023

/m

@talos-bot talos-bot merged commit 9948a64 into siderolabs:main Mar 13, 2023
@sergelogvinov sergelogvinov mentioned this pull request Jun 15, 2023
Closed
@sergelogvinov sergelogvinov deleted the uninitialized-node branch June 15, 2023 08:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smira smira smira approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@sergelogvinov @frezbo @smira @talos-bot