Merge pull request #124038 from SataQiu/fix-kubeadm-20240325

kubeadm: stop storing the ResolverConfig in the global KubeletConfiguration and instead set it dynamically for each node
2024-04-18 02:11:29 -07:00
parent 1646f2cfdb c1f2167803
commit f3e7e008a4
6 changed files with 127 additions and 35 deletions
--- a/cmd/kubeadm/app/componentconfigs/kubelet.go
+++ b/cmd/kubeadm/app/componentconfigs/kubelet.go
@@ -28,7 +28,6 @@ import (
 	kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
 	kubeadmapiv1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3"
 	"k8s.io/kubernetes/cmd/kubeadm/app/constants"
-	"k8s.io/kubernetes/cmd/kubeadm/app/util/initsystem"
 )

 const (
@@ -196,27 +195,4 @@ func (kc *kubeletConfig) Default(cfg *kubeadmapi.ClusterConfiguration, _ *kubead
 		klog.V(1).Infof("the value of KubeletConfiguration.cgroupDriver is empty; setting it to %q", constants.CgroupDriverSystemd)
 		kc.config.CgroupDriver = constants.CgroupDriverSystemd
 	}
-
-	ok, err := isServiceActive("systemd-resolved")
-	if err != nil {
-		klog.Warningf("cannot determine if systemd-resolved is active: %v", err)
-	}
-	if ok {
-		if kc.config.ResolverConfig == nil {
-			kc.config.ResolverConfig = ptr.To(kubeletSystemdResolverConfig)
-		} else {
-			if *kc.config.ResolverConfig != kubeletSystemdResolverConfig {
-				warnDefaultComponentConfigValue(kind, "resolvConf", kubeletSystemdResolverConfig, *kc.config.ResolverConfig)
-			}
-		}
-	}
-}
-
-// isServiceActive checks whether the given service exists and is running
-func isServiceActive(name string) (bool, error) {
-	initSystem, err := initsystem.GetInitSystem()
-	if err != nil {
-		return false, err
-	}
-	return initSystem.ServiceIsActive(name), nil
 }
--- a/cmd/kubeadm/app/componentconfigs/kubelet_test.go
+++ b/cmd/kubeadm/app/componentconfigs/kubelet_test.go
@@ -49,12 +49,6 @@ func testKubeletConfigMap(contents string) *v1.ConfigMap {
 }

 func TestKubeletDefault(t *testing.T) {
-	var resolverConfig *string
-	if isSystemdResolvedActive, _ := isServiceActive("systemd-resolved"); isSystemdResolvedActive {
-		// If systemd-resolved is active, we need to set the default resolver config
-		resolverConfig = ptr.To(kubeletSystemdResolverConfig)
-	}
-
 	tests := []struct {
 		name       string
 		clusterCfg kubeadmapi.ClusterConfiguration
@@ -85,7 +79,6 @@ func TestKubeletDefault(t *testing.T) {
 					HealthzBindAddress: kubeletHealthzBindAddress,
 					HealthzPort:        ptr.To[int32](constants.KubeletHealthzPort),
 					RotateCertificates: kubeletRotateCertificates,
-					ResolverConfig:     resolverConfig,
 					CgroupDriver:       constants.CgroupDriverSystemd,
 				},
 			},
@@ -119,7 +112,6 @@ func TestKubeletDefault(t *testing.T) {
 					HealthzBindAddress: kubeletHealthzBindAddress,
 					HealthzPort:        ptr.To[int32](constants.KubeletHealthzPort),
 					RotateCertificates: kubeletRotateCertificates,
-					ResolverConfig:     resolverConfig,
 					CgroupDriver:       constants.CgroupDriverSystemd,
 				},
 			},
@@ -153,7 +145,6 @@ func TestKubeletDefault(t *testing.T) {
 					HealthzBindAddress: kubeletHealthzBindAddress,
 					HealthzPort:        ptr.To[int32](constants.KubeletHealthzPort),
 					RotateCertificates: kubeletRotateCertificates,
-					ResolverConfig:     resolverConfig,
 					CgroupDriver:       constants.CgroupDriverSystemd,
 				},
 			},
@@ -188,7 +179,6 @@ func TestKubeletDefault(t *testing.T) {
 					HealthzBindAddress: kubeletHealthzBindAddress,
 					HealthzPort:        ptr.To[int32](constants.KubeletHealthzPort),
 					RotateCertificates: kubeletRotateCertificates,
-					ResolverConfig:     resolverConfig,
 					CgroupDriver:       constants.CgroupDriverSystemd,
 				},
 			},
@@ -220,7 +210,6 @@ func TestKubeletDefault(t *testing.T) {
 					HealthzBindAddress: kubeletHealthzBindAddress,
 					HealthzPort:        ptr.To[int32](constants.KubeletHealthzPort),
 					RotateCertificates: kubeletRotateCertificates,
-					ResolverConfig:     resolverConfig,
 					CgroupDriver:       constants.CgroupDriverSystemd,
 				},
 			},
--- a/cmd/kubeadm/app/componentconfigs/kubelet_unix.go
+++ b/cmd/kubeadm/app/componentconfigs/kubelet_unix.go
@@ -19,7 +19,45 @@ limitations under the License.

 package componentconfigs

+import (
+	"k8s.io/klog/v2"
+	kubeletconfig "k8s.io/kubelet/config/v1beta1"
+	"k8s.io/utils/ptr"
+
+	"k8s.io/kubernetes/cmd/kubeadm/app/util/initsystem"
+)
+
 // Mutate allows applying pre-defined modifications to the config before it's marshaled.
 func (kc *kubeletConfig) Mutate() error {
+	if err := mutateResolverConfig(&kc.config, isServiceActive); err != nil {
+		return err
+	}
 	return nil
 }
+
+// mutateResolverConfig mutates the ResolverConfig in the kubeletConfig dynamically.
+func mutateResolverConfig(cfg *kubeletconfig.KubeletConfiguration, isServiceActiveFunc func(string) (bool, error)) error {
+	ok, err := isServiceActiveFunc("systemd-resolved")
+	if err != nil {
+		klog.Warningf("cannot determine if systemd-resolved is active: %v", err)
+	}
+	if ok {
+		if cfg.ResolverConfig == nil {
+			cfg.ResolverConfig = ptr.To(kubeletSystemdResolverConfig)
+		} else if *cfg.ResolverConfig != kubeletSystemdResolverConfig {
+			warnDefaultComponentConfigValue("KubeletConfiguration", "resolvConf",
+				kubeletSystemdResolverConfig, *cfg.ResolverConfig)
+		}
+
+	}
+	return nil
+}
+
+// isServiceActive checks whether the given service exists and is running
+func isServiceActive(name string) (bool, error) {
+	initSystem, err := initsystem.GetInitSystem()
+	if err != nil {
+		return false, err
+	}
+	return initSystem.ServiceIsActive(name), nil
+}
--- a/cmd/kubeadm/app/componentconfigs/kubelet_unix_test.go
+++ b/cmd/kubeadm/app/componentconfigs/kubelet_unix_test.go
@@ -0,0 +1,83 @@
+//go:build !windows
+// +build !windows
+
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package componentconfigs
+
+import (
+	"reflect"
+	"testing"
+
+	kubeletconfig "k8s.io/kubelet/config/v1beta1"
+	"k8s.io/utils/ptr"
+)
+
+func TestMutateResolverConfig(t *testing.T) {
+	var fooResolverConfig = "/foo/resolver"
+
+	tests := []struct {
+		name                string
+		cfg                 *kubeletconfig.KubeletConfiguration
+		isServiceActiveFunc func(string) (bool, error)
+		expected            *kubeletconfig.KubeletConfiguration
+	}{
+		{
+			name: "the resolver config should not be mutated when it was set already even if systemd-resolved is active",
+			cfg: &kubeletconfig.KubeletConfiguration{
+				ResolverConfig: ptr.To(fooResolverConfig),
+			},
+			isServiceActiveFunc: func(string) (bool, error) { return true, nil },
+			expected: &kubeletconfig.KubeletConfiguration{
+				ResolverConfig: ptr.To(fooResolverConfig),
+			},
+		},
+		{
+			name: "the resolver config should be set when systemd-resolved is active",
+			cfg: &kubeletconfig.KubeletConfiguration{
+				ResolverConfig: nil,
+			},
+			isServiceActiveFunc: func(string) (bool, error) { return true, nil },
+			expected: &kubeletconfig.KubeletConfiguration{
+				ResolverConfig: ptr.To(kubeletSystemdResolverConfig),
+			},
+		},
+		{
+			name: "the resolver config should not be set when systemd-resolved is not active",
+			cfg: &kubeletconfig.KubeletConfiguration{
+				ResolverConfig: nil,
+			},
+			isServiceActiveFunc: func(string) (bool, error) { return false, nil },
+			expected: &kubeletconfig.KubeletConfiguration{
+				ResolverConfig: nil,
+			},
+		},
+	}
+
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			err := mutateResolverConfig(test.cfg, test.isServiceActiveFunc)
+			if err != nil {
+				t.Fatalf("failed to mutate ResolverConfig for KubeletConfiguration, %v", err)
+			}
+			if !reflect.DeepEqual(test.cfg, test.expected) {
+				t.Errorf("Missmatch between expected and got:\nExpected:\n%+v\n---\nGot:\n%+v",
+					test.expected, test.cfg)
+			}
+		})
+	}
+}
--- a/cmd/kubeadm/app/componentconfigs/kubelet_windows.go
+++ b/cmd/kubeadm/app/componentconfigs/kubelet_windows.go
@@ -1,3 +1,6 @@
+//go:build windows
+// +build windows
+
 /*
 Copyright 2021 The Kubernetes Authors.

--- a/cmd/kubeadm/app/componentconfigs/kubelet_windows_test.go
+++ b/cmd/kubeadm/app/componentconfigs/kubelet_windows_test.go
@@ -1,3 +1,6 @@
+//go:build windows
+// +build windows
+
 /*
 Copyright 2021 The Kubernetes Authors.