Skip to content

Comments

Extend manifests to work properly with kubeadm#22

Merged
stano45 merged 7 commits intomainfrom
kubeadm
Aug 20, 2024
Merged

Extend manifests to work properly with kubeadm#22
stano45 merged 7 commits intomainfrom
kubeadm

Conversation

@stano45
Copy link
Owner

@stano45 stano45 commented Aug 16, 2024

Add ServiceAccount and ClusterRoleBinding to the daemonset manifest
When initializing a local single-node Kubernetes cluster with kubeadm, kube-router is not able to access certaub resources and fails to start. This PR adds a ServiceAccount and a ClusterRoleBinding to the kube-router manifest.
This manifest comes from the official kube-router repository

Add checkpoint-rbac.yaml
This allows the kubectl checkpoint plugin to create the container checkpoint.

Run curl with sudo in kubectl-checkpoint
Previously, the curl command could not access the kubelet's client certificate and key.

Update README.md with kubeadm instructions

  • Updated with specific instructions for kubeadm
  • Added instruction to apply the RBAC manifest
  • Updated the commands of step 9 to run as root
  • Added a note that the local registry is optional

stano45 added 4 commits August 16, 2024 13:13
@stano45
Add ServiceAccount to kube-router manifest
6562997 
When initializing a local single-node Kubernetes
cluster with kubeadm, kube-router is not able to
access certaub resources and fails to start.
This commit adds a ServiceAccount and a
ClusterRoleBinding to the kube-router manifest.
This manifest comes from the official kube-router
repository:
(daemonset/kubeadm-kuberouter-all-features.yaml).
@stano45
Add checkpoint-rbac.yaml
004ccd3 
This allows the kubectl checkpoint plugin to
create the container checkpoint.
@stano45
Run curl with sudo in kubectl-checkpoint
1862c9e 
Previously, the curl command could not access
the kubelet's client certificate and key.
@stano45
Update README.md with kubeadm instructions
0e488f0 
- Updated with specific instructions for kubeadm
- Added instruction to apply the RBAC manifest
- Updated the commands of step 9 to run as root
- Added a note that the local registry is optional
rst0git
rst0git reviewed Aug 19, 2024
View reviewed changes
examples/container_migration_in_kubernetes/manifests/checkpoint-rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: checkpoint-role
Copy link
Contributor

@rst0git rst0git Aug 19, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would you be able to add more information on how this RBAC role is used with container checkpointing?

Copy link
Owner Author

@stano45 stano45 Aug 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I added a comment on the top of the manifest file.

Copy link
Contributor

@rst0git rst0git Aug 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like this is fixed in the following pull request:

kubernetes/kubernetes#126724
kubernetes/kubernetes#126232

@stano45 stano45 requested a review from rst0git August 20, 2024 14:51
@stano45 stano45 merged commit af59f69 into main Aug 20, 2024
@stano45 stano45 deleted the kubeadm branch August 20, 2024 15:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rst0git rst0git Awaiting requested review from rst0git

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@stano45 @rst0git