remove tiller addon (#19636)

Signed-off-by: Tyler Auerbeck <tylerauerbeck@users.noreply.github.com> Co-authored-by: Tyler Auerbeck <tylerauerbeck@users.noreply.github.com>
2024-09-19 14:21:24 -04:00 · 2024-09-19 14:21:24 -04:00 · f4ded199f0
parent 2afa102a1a
commit f4ded199f0
11 changed files with 0 additions and 310 deletions
--- a/deploy/addons/aliyun_mirror.json
+++ b/deploy/addons/aliyun_mirror.json
@ -34,7 +34,6 @@
  "gcr.io/k8s-minikube/gvisor-addon": "registry.cn-hangzhou.aliyuncs.com/google_containers/gvisor-addon",
  "gcr.io/k8s-minikube/kicbase": "registry.cn-hangzhou.aliyuncs.com/google_containers/kicbase",
  "gcr.io/k8s-minikube/storage-provisioner": "registry.cn-hangzhou.aliyuncs.com/google_containers/storage-provisioner",
  "gcr.io/kubernetes-helm/tiller": "registry.cn-hangzhou.aliyuncs.com/google_containers/tiller",
  "registry.k8s.io/addon-resizer": "registry.cn-hangzhou.aliyuncs.com/google_containers/addon-resizer",
  "registry.k8s.io/busybox": "registry.cn-hangzhou.aliyuncs.com/google_containers/busybox",
  "registry.k8s.io/cluster-autoscaler": "registry.cn-hangzhou.aliyuncs.com/google_containers/cluster-autoscaler",
--- a/deploy/addons/assets.go
+++ b/deploy/addons/assets.go
@ -115,10 +115,6 @@ var (
 	//go:embed gvisor/*.tmpl
 	GvisorAssets embed.FS
 	// HelmTillerAssets assets for helm-tiller addon
 	//go:embed helm-tiller/*.tmpl helm-tiller/*.yaml
 	HelmTillerAssets embed.FS
 	// IngressDNSAssets assets for ingress-dns addon
 	//go:embed ingress-dns/ingress-dns-pod.yaml.tmpl
 	IngressDNSAssets embed.FS
--- a/deploy/addons/helm-tiller/README.md
+++ b/deploy/addons/helm-tiller/README.md
@ -1,23 +0,0 @@
 ## helm-tiller Addon
 [Kubernetes Helm](https://helm.sh) - The Kubernetes Package Manager
 ### Enabling helm-tiller
 To enable this addon, simply run:
 ```shell script
 minikube addons enable helm-tiller
 ```
 In a minute or so tiller will be installed into your cluster. You could run `helm init` each time you create a new minikube instance or you could just enable this addon.
 Each time you start a new minikube instance, tiller will be automatically installed. 
 ### Testing installation
 ```shell script
 helm ls
 ```
 If everything went well you shouldn't get any errors about tiller being installed in your cluster. If you haven't deployed any releases `helm ls` won't return anything.
 ### Deprecation of Tiller
 When tiller is finally deprecated this addon won't be necessary anymore. If your version of helm doesn't use tiller, you don't need this addon.
--- a/deploy/addons/helm-tiller/helm-tiller-dp.yaml.tmpl
+++ b/deploy/addons/helm-tiller/helm-tiller-dp.yaml.tmpl
@ -1,83 +0,0 @@
 # Copyright 2019 The Kubernetes Authors.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  labels:
    app: helm
    name: tiller
    addonmanager.kubernetes.io/mode: Reconcile
    kubernetes.io/minikube-addons: helm
  name: tiller-deploy
  namespace: kube-system
 spec:
  replicas: 1
  selector:
    matchLabels:
      app: helm
      name: tiller
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: helm
        name: tiller
    spec:
      automountServiceAccountToken: true
      containers:
        - env:
            - name: TILLER_NAMESPACE
              value: kube-system
            - name: TILLER_HISTORY_MAX
              value: "0"
          image: {{.CustomRegistries.Tiller  | default .ImageRepository | default .Registries.Tiller }}{{.Images.Tiller}}
          imagePullPolicy: IfNotPresent
          livenessProbe:
            failureThreshold: 3
            httpGet:
              path: /liveness
              port: 44135
              scheme: HTTP
            initialDelaySeconds: 1
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 1
          name: tiller
          ports:
            - containerPort: 44134
              name: tiller
              protocol: TCP
            - containerPort: 44135
              name: http
              protocol: TCP
          readinessProbe:
            failureThreshold: 3
            httpGet:
              path: /readiness
              port: 44135
              scheme: HTTP
            initialDelaySeconds: 1
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 1
          resources: {}
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
      serviceAccount: tiller
      serviceAccountName: tiller
--- a/deploy/addons/helm-tiller/helm-tiller-rbac.yaml
+++ b/deploy/addons/helm-tiller/helm-tiller-rbac.yaml
@ -1,42 +0,0 @@
 # Copyright 2019 The Kubernetes Authors.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: tiller
  namespace: kube-system
  labels:
    app: helm
    name: tiller
    addonmanager.kubernetes.io/mode: Reconcile
    kubernetes.io/minikube-addons: helm
 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: tiller-clusterrolebinding
  labels:
    app: helm
    name: tiller
    addonmanager.kubernetes.io/mode: Reconcile
    kubernetes.io/minikube-addons: helm
 subjects:
  - kind: ServiceAccount
    name: tiller
    namespace: kube-system
 roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: ""
--- a/deploy/addons/helm-tiller/helm-tiller-svc.yaml
+++ b/deploy/addons/helm-tiller/helm-tiller-svc.yaml
@ -1,34 +0,0 @@
 # Copyright 2019 The Kubernetes Authors.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    app: helm
    name: tiller
    addonmanager.kubernetes.io/mode: Reconcile
    kubernetes.io/minikube-addons: helm
  name: tiller-deploy
  namespace: kube-system
 spec:
  type: ClusterIP
  ports:
  - name: tiller
    port: 44134
    protocol: TCP
    targetPort: tiller
  selector:
    app: helm
    name: tiller
--- a/pkg/addons/config.go
+++ b/pkg/addons/config.go
@ -74,11 +74,6 @@ var Addons = []*Addon{
 		validations: []setFn{isRuntimeContainerd},
 		callbacks:   []setFn{EnableOrDisableAddon, verifyAddonStatus},
 	},
 	{
 		name:      "helm-tiller",
 		set:       SetBool,
 		callbacks: []setFn{EnableOrDisableAddon},
 	},
 	{
 		name:      "ingress",
 		set:       SetBool,
--- a/pkg/minikube/assets/addons.go
+++ b/pkg/minikube/assets/addons.go
@ -525,29 +525,6 @@ var Addons = map[string]*Addon{
 	}, map[string]string{
 		"GvisorAddon": "gcr.io",
 	}),
 	"helm-tiller": NewAddon([]*BinAsset{
 		MustBinAsset(addons.HelmTillerAssets,
 			"helm-tiller/helm-tiller-dp.yaml.tmpl",
 			vmpath.GuestAddonsDir,
 			"helm-tiller-dp.yaml",
 			"0640"),
 		MustBinAsset(addons.HelmTillerAssets,
 			"helm-tiller/helm-tiller-rbac.yaml",
 			vmpath.GuestAddonsDir,
 			"helm-tiller-rbac.yaml",
 			"0640"),
 		MustBinAsset(addons.HelmTillerAssets,
 			"helm-tiller/helm-tiller-svc.yaml",
 			vmpath.GuestAddonsDir,
 			"helm-tiller-svc.yaml",
 			"0640"),
 	}, false, "helm-tiller", "3rd party (Helm)", "", "https://v2.helm.sh/docs/using_helm/", map[string]string{
 		"Tiller": "helm/tiller:v2.17.0@sha256:4c43eb385032945cad047d2350e4945d913b90b3ab43ee61cecb32a495c6df0f",
 	}, map[string]string{
 		// GCR is deprecated in helm
 		// https://github.com/helm/helm/issues/10004#issuecomment-894478908
 		"Tiller": "ghcr.io",
 	}),
 	"ingress-dns": NewAddon([]*BinAsset{
 		MustBinAsset(addons.IngressDNSAssets,
 			"ingress-dns/ingress-dns-pod.yaml.tmpl",
--- a/site/content/en/docs/contrib/tests.en.md
+++ b/site/content/en/docs/contrib/tests.en.md
@ -30,9 +30,6 @@ tests the registry addon
 #### validateMetricsServerAddon
 tests the metrics server addon by making sure "kubectl top pods" returns a sensible result
 #### validateHelmTillerAddon
 tests the helm tiller addon by running "helm version" inside the cluster
 #### validateOlmAddon
 tests the OLM addon
--- a/site/content/en/docs/handbook/addons/helm-tiller.md
+++ b/site/content/en/docs/handbook/addons/helm-tiller.md
@ -1,30 +0,0 @@
 ---
 title: "Using the Helm Tiller Addon"
 linkTitle: "Helm Tiller"
 weight: 1
 date: 2019-09-23
 ---
 ## helm-tiller Addon
 [Kubernetes Helm](https://helm.sh) - The Kubernetes Package Manager
 ### Enabling helm-tiller
 To enable this addon, simply run:
 ```shell script
 minikube addons enable helm-tiller
 ```
 In a minute or so tiller will be installed into your cluster. You could run `helm init` each time you create a new minikube instance or you could just enable this addon.
 Each time you start a new minikube instance, tiller will be automatically installed. 
 ### Testing installation
 ```shell script
 helm ls
 ```
 If everything went well you shouldn't get any errors about tiller being installed in your cluster. If you haven't deployed any releases `helm ls` won't return anything.
 ### Deprecation of Tiller
 When tiller is finally deprecated this addon won't be necessary anymore. If your version of helm doesn't use tiller, you don't need this addon.
--- a/test/integration/addons_test.go
+++ b/test/integration/addons_test.go
@ -104,9 +104,6 @@ func TestAddons(t *testing.T) {
 		if !NoneDriver() { // none driver does not support ingress
 			args = append(args, "--addons=ingress", "--addons=ingress-dns")
 		}
 		if !arm64Platform() {
 			args = append(args, "--addons=helm-tiller")
 		}
 		rr, err := Run(t, exec.CommandContext(ctx, Target(), args...))
 		if err != nil {
 			t.Fatalf("%s failed: %v", rr.Command(), err)
@ -148,7 +145,6 @@ func TestAddons(t *testing.T) {
 			{"Ingress", validateIngressAddon},
 			{"InspektorGadget", validateInspektorGadgetAddon},
 			{"MetricsServer", validateMetricsServerAddon},
 			{"HelmTiller", validateHelmTillerAddon},
 			{"Olm", validateOlmAddon},
 			{"CSI", validateCSIDriverAndSnapshots},
 			{"Headlamp", validateHeadlampAddon},
@ -437,64 +433,6 @@ func validateMetricsServerAddon(ctx context.Context, t *testing.T, profile strin
 	}
 }
 // validateHelmTillerAddon tests the helm tiller addon by running "helm version" inside the cluster
 func validateHelmTillerAddon(ctx context.Context, t *testing.T, profile string) {
 	defer PostMortemLogs(t, profile)
 	if arm64Platform() {
 		t.Skip("skip Helm test on arm64")
 	}
 	client, err := kapi.Client(profile)
 	if err != nil {
 		t.Fatalf("failed to get Kubernetes client for %s: %v", profile, err)
 	}
 	start := time.Now()
 	if err := kapi.WaitForDeploymentToStabilize(client, "kube-system", "tiller-deploy", Minutes(6)); err != nil {
 		t.Errorf("failed waiting for tiller-deploy deployment to stabilize: %v", err)
 	}
 	t.Logf("tiller-deploy stabilized in %s", time.Since(start))
 	if _, err := PodWait(ctx, t, profile, "kube-system", "app=helm", Minutes(6)); err != nil {
 		t.Fatalf("failed waiting for helm pod: %v", err)
 	}
 	if NoneDriver() {
 		_, err := exec.LookPath("socat")
 		if err != nil {
 			t.Skipf("socat is required by kubectl to complete this test")
 		}
 	}
 	want := "Server: &version.Version"
 	// Test from inside the cluster (`helm version` use pod.list permission.)
 	checkHelmTiller := func() error {
 		rr, err := Run(t, exec.CommandContext(ctx, "kubectl", "--context", profile, "run", "--rm", "helm-test", "--restart=Never", "--image=docker.io/alpine/helm:2.16.3", "-it", "--namespace=kube-system", "--", "version"))
 		if err != nil {
 			return err
 		}
 		if rr.Stderr.String() != "" {
 			t.Logf("%v: unexpected stderr: %s", rr.Command(), rr.Stderr)
 		}
 		if !strings.Contains(rr.Stdout.String(), want) {
 			return fmt.Errorf("%v stdout = %q, want %q", rr.Command(), rr.Stdout, want)
 		}
 		return nil
 	}
 	if err := retry.Expo(checkHelmTiller, 500*time.Millisecond, Minutes(2)); err != nil {
 		t.Errorf("failed checking helm tiller: %v", err.Error())
 	}
 	rr, err := Run(t, exec.CommandContext(ctx, Target(), "-p", profile, "addons", "disable", "helm-tiller", "--alsologtostderr", "-v=1"))
 	if err != nil {
 		t.Errorf("failed disabling helm-tiller addon. arg %q.s %v", rr.Command(), err)
 	}
 }
 // validateOlmAddon tests the OLM addon
 func validateOlmAddon(ctx context.Context, t *testing.T, profile string) {
 	t.Skip("Skipping OLM addon test until https://github.com/operator-framework/operator-lifecycle-manager/issues/2534 is resolved")