Add the flag --allow-experimental-api to the "config migrate" and
"config validate" commands. The flag allows validating / migrating-to
a unreleased / experimental API version.
Add a new experimentalAPIVersions map in validateSupportedVersion()
that contains v1beta4.
Move the defaulting of the BootstrapToken type inside the
bootstraptoken/v1 package. This prevents an error where
codegen complains that a defaulter for the type exists in both
the kubeadm v1beta3 and v1beta4.
Adapt kubeadm code to use the defaulter function and constants
that were moved to bootstraptoken/v1.
NOTE: technically this is a breaking change for direct users of
v1beta3/SetDefaults_BootstrapToken().
- drop versions < 1.22 in the etcd map
- use 3.5.9-0 for >= 1.22 versions
- make the minimum version for external etcd 3.4.13-4 and max 3.5.9-0
- update images_test to not rely on a pinned etcd version in tests
note: the image 3.4.18-0 was never released in registry.k8s.io!
The command can be used to validate an input --config and throw
warnings and errors.
Add a new argument strctErrors to the functions
documentMapTo{Init|Join}Configuration(). This allows
to return errors from the calls to VerifyUnmarshalStrict().
Add a new function verifyKnownGVKs() in config/common.go
that is used to verify if a list of GVKs in a config file is
known. This function is used by the "validate" and "migrate"
commands.
Both commands now throw errors for unknown APIs or fields.
TestBindToCommandArgRequirements has a .Pointer()
comparison that is not guaranteed to pass given
the reflected functions are closures.
This test is consistently failing on Go 1.21 rc1.
Remove said comparison from the test.
Before this commit, kubeadm starts kubelet before it creates
/etc/kubernetes/manifests. On boot, kubelet tries to load the
static pod manifests from this dir by calling `listConfig()`
7ad8303b96/pkg/kubelet/config/file.go (L97)
and it'll then try to start a file watcher every second for 20s
7ad8303b96/pkg/kubelet/config/file.go (L114)7ad8303b96/pkg/kubelet/config/file_linux.go (L51-L67)
If kubelet starts and calls `listConfig()` before kubeadm creates
`/etc/kubernetes/manifests` (while writing the static pods manifests),
the file watcher will be created less than a second after, but there
will be no changes to report, so the manifests will only be detected
on the next tick of `listTicker`, a bit less than 20s later
7ad8303b96/pkg/kubelet/config/file.go (L102-L103)
Even if we fixed the watch code to `listConfig()` just after starting the
inotify watch, watching source file is only supported on linux,
so moving the manifests generation before kubelet start fixes all
cases and make more sense IMO.
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
If the etcd member is not found, then it has already been removed, and
kubeadm reset should immediately complete the 'remove-etcd-member'
phase. Previously, the phase would complete only once the
exponential-backoff retry expired, up to 3 minutes duration.
This commit also fixes a semantic error in etcd.GetMemberID. Previously,
the function returned 0 if no member was found, but 0 is not a valid
member ID.
* update serial number to a valid non-zero number in ca certificate
* fix the existing problem (0 SerialNumber in all certificate) as part of this PR in a separate commit
