v1beta3.ClusterConfiguration.APIServer.TimeoutForControlPlane
must be migrated to {Init|Join}Configuration.Timeouts.
.ControlPlaneComponentHealthCheck.
To achieve this sort of cross-Kind migration do the following:
- Use a temporary, thread-safe variable in timeoututils.go
- Make the order of GVKs in documentMapToInitConfiguration
deterministic.
Flags for kubeadm init such as --apiserver-extra-args prior
to v1beta4 used a map[string]string for pflag.Value storage. This no
longer works since v1beta4 extra args are a slice of Arg.
Add a new flag type argSlice and implement a solution for
parsing these flags.
At the same time deprecate these flags and show a warning
that users should use config.
Instead of defaulting ExtraEnvs for CP components to an empty
slice when converting from/to v1beta3 keep it nil.
This allows for expecting a nil value in the internal
config, similarly to ExtraArgs.
- Include some more examples related to v1beta4 in the doc.go.
- Fix some typos in v1beta4 field comments.
- Add missing JSON tag for UpgradeConfiguration.Apply.SkipPhases.
After the introduction of v1beta4 if the user inputs the old
v1beta3 discovery timeout the value is ignored. Fix that
by introducing a conversion to v1beta4.
Co-authored-by: penghez (GitHub handle)
When the PublicKeysECDSA feature gate is used or the new
v1beta4.ClusterConfiguration.EncryptionAlgorithm field is used
with "ECDSA-P256" as value, make sure that this is reflected
in the "cert spec" used to generate private keys and they end
up as "EC keys".
When doing a kubelet health check on init/join, do not
hardcode the "localhost" address. Instead, use the
KubeletConfiguration HealthzBindAddress and HealthzPort
fields.
Currently if etcd.yaml does not have a diff on "kubeadm upgrade"
certificate renewal for it is also skipped.
Check if kube-apiserver.yaml needs an upgrade, if so and if
cert renewal is not disabled, renew etcd's certs and restart
its static pod.
With the new `cri-client` staging repository it's finally possible to
decouple `kubeadm` from `crictl`.
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
The feature was left in alpha for a few releases, since
k8s started planning on a broader feature UserNamespacesSupport,
which is what kubeadm should integrate with.
UserNamespacesSupport graduated to beta in 1.30.
Once it graduates to GA kubeadm can start using it an remove
RootlessControlPlane.
Currently, there are some unit tests that are failing on
Windows due to various reasons:
- Cannot remove a directory if there's a file open in that directory.
- Paths may have / or \ on Windows.
When using UpgradeNodeConfiguration.IgnorePreflightErrors the field
is currently ignored in favor of the "defualted" field created
by configutil.FetchInitConfigurationFromCluster.
Fix this bug.
Add Upgrade{Apply|Node}Configuration.{ImagePullPolicy|ImagePullSerial}.
The same feature already exists in NodeRegistrationOptions for
{Init|Join}Configuration.
