Merge pull request #74873 from neolit123/fix-join-phase-preflight

kubeadm: add a flag to RunInitNodeChecks to indicate sec. control-plane
2019-03-05 08:16:50 -08:00
parent 493f53433a af9e3fcfaa
commit c525155b31
4 changed files with 30 additions and 21 deletions
--- a/cmd/kubeadm/app/cmd/phases/init/preflight.go
+++ b/cmd/kubeadm/app/cmd/phases/init/preflight.go
@@ -57,7 +57,7 @@ func runPreflight(c workflow.RunData) error {
 	}

 	fmt.Println("[preflight] Running pre-flight checks")
-	if err := preflight.RunInitNodeChecks(utilsexec.New(), data.Cfg(), data.IgnorePreflightErrors()); err != nil {
+	if err := preflight.RunInitNodeChecks(utilsexec.New(), data.Cfg(), data.IgnorePreflightErrors(), false); err != nil {
 		return err
 	}

--- a/cmd/kubeadm/app/cmd/phases/join/preflight.go
+++ b/cmd/kubeadm/app/cmd/phases/join/preflight.go
@@ -120,7 +120,7 @@ func runPreflight(c workflow.RunData) error {

 		// run kubeadm init preflight checks for checking all the prequisites
 		fmt.Println("[preflight] Running pre-flight checks before initializing the new control plane instance")
-		if err := preflight.RunInitNodeChecks(utilsexec.New(), initCfg, j.IgnorePreflightErrors()); err != nil {
+		if err := preflight.RunInitNodeChecks(utilsexec.New(), initCfg, j.IgnorePreflightErrors(), true); err != nil {
 			return err
 		}

--- a/cmd/kubeadm/app/preflight/checks.go
+++ b/cmd/kubeadm/app/preflight/checks.go
@@ -873,10 +873,14 @@ func (ncc NumCPUCheck) Check() (warnings, errorList []error) {
 }

 // RunInitNodeChecks executes all individual, applicable to control-plane node checks.
-func RunInitNodeChecks(execer utilsexec.Interface, cfg *kubeadmapi.InitConfiguration, ignorePreflightErrors sets.String) error {
-	// First, check if we're root separately from the other preflight checks and fail fast
-	if err := RunRootCheckOnly(ignorePreflightErrors); err != nil {
-		return err
+// The boolean flag 'isSecondaryControlPlane' controls whether we are running checks in a --join-control-plane scenario.
+// If the flag is set to true we should skip checks already executed by RunJoinNodeChecks and RunOptionalJoinNodeChecks.
+func RunInitNodeChecks(execer utilsexec.Interface, cfg *kubeadmapi.InitConfiguration, ignorePreflightErrors sets.String, isSecondaryControlPlane bool) error {
+	if !isSecondaryControlPlane {
+		// First, check if we're root separately from the other preflight checks and fail fast
+		if err := RunRootCheckOnly(ignorePreflightErrors); err != nil {
+			return err
+		}
 	}

 	manifestsDir := filepath.Join(kubeadmconstants.KubernetesDir, kubeadmconstants.ManifestsSubDirName)
@@ -895,13 +899,26 @@ func RunInitNodeChecks(execer utilsexec.Interface, cfg *kubeadmapi.InitConfigura
 		HTTPProxyCIDRCheck{Proto: "https", CIDR: cfg.Networking.ServiceSubnet},
 		HTTPProxyCIDRCheck{Proto: "https", CIDR: cfg.Networking.PodSubnet},
 	}
-	checks = addCommonChecks(execer, cfg, checks)

-	// Check ipvs required kernel module once we use ipvs kube-proxy mode
-	if cfg.ComponentConfigs.KubeProxy != nil && cfg.ComponentConfigs.KubeProxy.Mode == ipvsutil.IPVSProxyMode {
-		checks = append(checks,
-			ipvsutil.RequiredIPVSKernelModulesAvailableCheck{Executor: execer},
-		)
+	if !isSecondaryControlPlane {
+		checks = addCommonChecks(execer, cfg, checks)
+
+		// Check IVPS required kernel module once we use IVPS kube-proxy mode
+		if cfg.ComponentConfigs.KubeProxy != nil && cfg.ComponentConfigs.KubeProxy.Mode == ipvsutil.IPVSProxyMode {
+			checks = append(checks,
+				ipvsutil.RequiredIPVSKernelModulesAvailableCheck{Executor: execer},
+			)
+		}
+
+		// Check if Bridge-netfilter and IPv6 relevant flags are set
+		if ip := net.ParseIP(cfg.LocalAPIEndpoint.AdvertiseAddress); ip != nil {
+			if ip.To4() == nil && ip.To16() != nil {
+				checks = append(checks,
+					FileContentCheck{Path: bridgenf6, Content: []byte{'1'}},
+					FileContentCheck{Path: ipv6DefaultForwarding, Content: []byte{'1'}},
+				)
+			}
+		}
 	}

 	if cfg.Etcd.Local != nil {
@@ -927,14 +944,6 @@ func RunInitNodeChecks(execer utilsexec.Interface, cfg *kubeadmapi.InitConfigura
 		checks = append(checks, ExternalEtcdVersionCheck{Etcd: cfg.Etcd})
 	}

-	if ip := net.ParseIP(cfg.LocalAPIEndpoint.AdvertiseAddress); ip != nil {
-		if ip.To4() == nil && ip.To16() != nil {
-			checks = append(checks,
-				FileContentCheck{Path: bridgenf6, Content: []byte{'1'}},
-				FileContentCheck{Path: ipv6DefaultForwarding, Content: []byte{'1'}},
-			)
-		}
-	}
 	return RunChecks(checks, os.Stderr, ignorePreflightErrors)
 }

--- a/cmd/kubeadm/app/preflight/checks_test.go
+++ b/cmd/kubeadm/app/preflight/checks_test.go
@@ -232,7 +232,7 @@ func TestRunInitNodeChecks(t *testing.T) {
 	}
 	for _, rt := range tests {
 		// TODO: Make RunInitNodeChecks accept a ClusterConfiguration object instead of InitConfiguration
-		actual := RunInitNodeChecks(exec.New(), rt.cfg, sets.NewString())
+		actual := RunInitNodeChecks(exec.New(), rt.cfg, sets.NewString(), false)
 		if (actual == nil) != rt.expected {
 			t.Errorf(
 				"failed RunInitNodeChecks:\n\texpected: %t\n\t  actual: %t\n\t error: %v",