Remove untainting logic.
dlorenc
parent
2be51dc6bc
commit
eec47aaa71
|
|
@ -135,12 +135,6 @@ func (k *KubeadmBootstrapper) StartCluster(k8s config.KubernetesConfig) error {
|
|||
return errors.Wrapf(err, "kubeadm init error %s running command: %s", b.String(), out)
|
||||
}
|
||||
|
||||
//TODO(r2d4): get rid of global here
|
||||
master = k8s.NodeName
|
||||
if err := util.RetryAfter(200, unmarkMaster, time.Second*1); err != nil {
|
||||
return errors.Wrap(err, "timed out waiting to unmark master")
|
||||
}
|
||||
|
||||
if err := util.RetryAfter(100, elevateKubeSystemPrivileges, time.Millisecond*500); err != nil {
|
||||
return errors.Wrap(err, "timed out waiting to elevate kube-system RBAC privileges")
|
||||
}
|
||||
|
|
@ -363,6 +357,7 @@ func generateConfig(k8s config.KubernetesConfig) (string, error) {
|
|||
NodeName string
|
||||
ExtraArgs []ComponentExtraArgs
|
||||
FeatureArgs map[string]bool
|
||||
NoTaintMaster bool
|
||||
}{
|
||||
CertDir: util.DefaultCertPath,
|
||||
ServiceCIDR: util.DefaultServiceCIDR,
|
||||
|
|
@ -373,6 +368,11 @@ func generateConfig(k8s config.KubernetesConfig) (string, error) {
|
|||
NodeName: k8s.NodeName,
|
||||
ExtraArgs: extraComponentConfig,
|
||||
FeatureArgs: kubeadmFeatureArgs,
|
||||
NoTaintMaster: false,
|
||||
}
|
||||
|
||||
if version.GTE(semver.MustParse("1.10.0-alpha.0")) {
|
||||
opts.NoTaintMaster = true
|
||||
}
|
||||
|
||||
b := bytes.Buffer{}
|
||||
|
|
|
|||
|
|
@ -39,6 +39,7 @@ func TestGenerateConfig(t *testing.T) {
|
|||
},
|
||||
expectedCfg: `apiVersion: kubeadm.k8s.io/v1alpha1
|
||||
kind: MasterConfiguration
|
||||
noTaintMaster: true
|
||||
api:
|
||||
advertiseAddress: 192.168.1.100
|
||||
bindPort: 8443
|
||||
|
|
@ -80,6 +81,7 @@ apiServerExtraArgs:
|
|||
},
|
||||
expectedCfg: `apiVersion: kubeadm.k8s.io/v1alpha1
|
||||
kind: MasterConfiguration
|
||||
noTaintMaster: true
|
||||
api:
|
||||
advertiseAddress: 192.168.1.101
|
||||
bindPort: 8443
|
||||
|
|
@ -121,6 +123,7 @@ schedulerExtraArgs:
|
|||
},
|
||||
expectedCfg: `apiVersion: kubeadm.k8s.io/v1alpha1
|
||||
kind: MasterConfiguration
|
||||
noTaintMaster: true
|
||||
api:
|
||||
advertiseAddress: 192.168.1.101
|
||||
bindPort: 8443
|
||||
|
|
@ -148,6 +151,7 @@ apiServerExtraArgs:
|
|||
},
|
||||
expectedCfg: `apiVersion: kubeadm.k8s.io/v1alpha1
|
||||
kind: MasterConfiguration
|
||||
noTaintMaster: true
|
||||
api:
|
||||
advertiseAddress: 192.168.1.101
|
||||
bindPort: 8443
|
||||
|
|
@ -185,6 +189,7 @@ schedulerExtraArgs:
|
|||
},
|
||||
expectedCfg: `apiVersion: kubeadm.k8s.io/v1alpha1
|
||||
kind: MasterConfiguration
|
||||
noTaintMaster: true
|
||||
api:
|
||||
advertiseAddress: 192.168.1.101
|
||||
bindPort: 8443
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ var kubeadmConfigTemplate = template.Must(template.New("kubeadmConfigTemplate").
|
|||
"printMapInOrder": printMapInOrder,
|
||||
}).Parse(`apiVersion: kubeadm.k8s.io/v1alpha1
|
||||
kind: MasterConfiguration
|
||||
{{if .NoTaintMaster}}noTaintMaster: true{{end}}
|
||||
api:
|
||||
advertiseAddress: {{.AdvertiseAddress}}
|
||||
bindPort: {{.APIServerPort}}
|
||||
|
|
|
|||
|
|
@ -18,78 +18,24 @@ package kubeadm
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"html/template"
|
||||
"strings"
|
||||
|
||||
"github.com/golang/glog"
|
||||
"github.com/pkg/errors"
|
||||
clientv1 "k8s.io/api/core/v1"
|
||||
rbacv1beta1 "k8s.io/api/rbac/v1beta1"
|
||||
apierrs "k8s.io/apimachinery/pkg/api/errors"
|
||||
"k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/labels"
|
||||
"k8s.io/apimachinery/pkg/types"
|
||||
"k8s.io/apimachinery/pkg/util/strategicpatch"
|
||||
"k8s.io/minikube/pkg/minikube/config"
|
||||
"k8s.io/minikube/pkg/minikube/service"
|
||||
"k8s.io/minikube/pkg/util"
|
||||
)
|
||||
|
||||
const (
|
||||
masterTaint = "node-role.kubernetes.io/master"
|
||||
rbacName = "minikube-rbac"
|
||||
rbacName = "minikube-rbac"
|
||||
)
|
||||
|
||||
var master = ""
|
||||
|
||||
func unmarkMaster() error {
|
||||
k8s := service.K8s
|
||||
client, err := k8s.GetCoreClient()
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "getting core client")
|
||||
}
|
||||
n, err := client.Nodes().Get(master, v1.GetOptions{})
|
||||
if err != nil {
|
||||
return errors.Wrapf(err, "getting node %s", master)
|
||||
}
|
||||
|
||||
oldData, err := json.Marshal(n)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "json marshalling data before patch")
|
||||
}
|
||||
|
||||
newTaints := []clientv1.Taint{}
|
||||
for _, taint := range n.Spec.Taints {
|
||||
if taint.Key == masterTaint {
|
||||
continue
|
||||
}
|
||||
|
||||
newTaints = append(newTaints, taint)
|
||||
}
|
||||
n.Spec.Taints = newTaints
|
||||
|
||||
newData, err := json.Marshal(n)
|
||||
if err != nil {
|
||||
return errors.Wrapf(err, "json marshalling data after patch")
|
||||
}
|
||||
|
||||
patchBytes, err := strategicpatch.CreateTwoWayMergePatch(oldData, newData, clientv1.Node{})
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "creating strategic patch")
|
||||
}
|
||||
|
||||
if _, err := client.Nodes().Patch(n.Name, types.StrategicMergePatchType, patchBytes); err != nil {
|
||||
if apierrs.IsConflict(err) {
|
||||
return errors.Wrap(err, "strategic patch conflict")
|
||||
}
|
||||
return errors.Wrap(err, "applying strategic patch")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// elevateKubeSystemPrivileges gives the kube-system service account
|
||||
// cluster admin privileges to work with RBAC.
|
||||
func elevateKubeSystemPrivileges() error {
|
||||
|
|
|
|||
Loading…
Reference in New Issue