Since kube-proxy in LocalModeNodeCIDR needs to obtain the PodCIDR
assigned to the node it watches for the Node object.
However, kube-proxy startup process requires to have these watches in
different places, that opens the possibility of having a race condition
if the same node is recreated and a different PodCIDR is assigned.
Initializing the second watch with the value obtained in the first one
allows us to detect this situation.
Change-Id: I6adeedb6914ad2afd3e0694dcab619c2a66135f8
Signed-off-by: Antonio Ojea <aojea@google.com>
The command can be used to validate an input --config and throw
warnings and errors.
Add a new argument strctErrors to the functions
documentMapTo{Init|Join}Configuration(). This allows
to return errors from the calls to VerifyUnmarshalStrict().
Add a new function verifyKnownGVKs() in config/common.go
that is used to verify if a list of GVKs in a config file is
known. This function is used by the "validate" and "migrate"
commands.
Both commands now throw errors for unknown APIs or fields.
Move the Linux-specific conntrack setup code into a new
"platformSetup" rather than trying to fit it into the generic setup
code.
Also move metrics registration there.
TestBindToCommandArgRequirements has a .Pointer()
comparison that is not guaranteed to pass given
the reflected functions are closures.
This test is consistently failing on Go 1.21 rc1.
Remove said comparison from the test.
Before this commit, kubeadm starts kubelet before it creates
/etc/kubernetes/manifests. On boot, kubelet tries to load the
static pod manifests from this dir by calling `listConfig()`
7ad8303b96/pkg/kubelet/config/file.go (L97)
and it'll then try to start a file watcher every second for 20s
7ad8303b96/pkg/kubelet/config/file.go (L114)7ad8303b96/pkg/kubelet/config/file_linux.go (L51-L67)
If kubelet starts and calls `listConfig()` before kubeadm creates
`/etc/kubernetes/manifests` (while writing the static pods manifests),
the file watcher will be created less than a second after, but there
will be no changes to report, so the manifests will only be detected
on the next tick of `listTicker`, a bit less than 20s later
7ad8303b96/pkg/kubelet/config/file.go (L102-L103)
Even if we fixed the watch code to `listConfig()` just after starting the
inotify watch, watching source file is only supported on linux,
so moving the manifests generation before kubelet start fixes all
cases and make more sense IMO.
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
