Allow configurable etcd options #42246
Conversation
|
Hi @jamiehannaford. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
k8s-ci-robot
added
the
cncf-cla: yes
k8s-github-robot
added
needs-rebase
|
The overall solution to this problem I think is to create a NodePort etcd service (either manually or automatically with kubeadm) and have the binary bind to |
|
This change is |
|
@kubernetes/sig-cluster-lifecycle-pr-reviews @luxas @lukemarsden |
|
@pires @kubernetes/sig-cluster-lifecycle-pr-reviews @luxas @lukemarsden I know kubeadm is in code freeze due to moving over codebases - should I wait until that's happened or is there anything I can incorporate now? |
|
@jamiehannaford Kubernetes as a project is in code freeze right now and no non-bugfix PRs can be merged at this point in the cycle. Hence the pending state... kubeadm will eventually move to its own repo, but that will take some time yet before our machinery is able to do that. |
|
@luxas I know but some of my other PRs have been reviewed but not merged. Maybe it will save time when the code freeze is lifted. I'd just like a general idea of whether this feature is approved/needed and if any of the implementation logic is off :) |
cmd/kubeadm/app/cmd/init.go
Outdated
| cmd.PersistentFlags().StringVar( | ||
| &cfg.Etcd.AdvertiseURL, "etcd-advertise-url", cfg.Etcd.AdvertiseURL, | ||
| "Specify a advertise-client-urls value to the etcd container", | ||
| ) | ||
|
|
There was a problem hiding this comment.
Use configuration, not flags.
jamiehannaford
force-pushed
the
add-etcd-flags-kubeadm
branch
from
ced7fa6
to
f3c3232
Compare
k8s-github-robot
removed
the
needs-rebase
|
@pires Does this look okay now? I removed the flags |
cmd/kubeadm/app/master/manifests.go
Outdated
| if cfg.Etcd.AdvertiseURL != "" { | ||
| advertiseURL += fmt.Sprintf(",%s", cfg.Etcd.AdvertiseURL) | ||
| } | ||
|
|
There was a problem hiding this comment.
listenURL and advertiseURL should point to a same constant value.
There was a problem hiding this comment.
I wasn't 100% sure what you meant, but I added a new default variable which both URLs point to. That DRYed it up a bit. Is that what you meant?
jamiehannaford
force-pushed
the
add-etcd-flags-kubeadm
branch
from
f3c3232
to
9f13b38
Compare
k8s-ci-robot
added
the
lgtm
|
Ah, yes, the API changes break stuff. Please, check the test failure details and fix it. |
jamiehannaford
force-pushed
the
add-etcd-flags-kubeadm
branch
from
9f13b38
to
3df45d0
Compare
k8s-github-robot
removed
the
lgtm
| CAFile string | ||
| CertFile string | ||
| KeyFile string | ||
| ListenURL string |
There was a problem hiding this comment.
I think we really should go with a generic Args here instead of two hard-coded string fields.
Imagine I want to set the token authz mechanism. Eventually we would duplicate all etcd options, instead we should go with a more dynamic route with map[string]string as the other control plane components
cmd/kubeadm/app/master/manifests.go
Outdated
| func getEtcdCommand(cfg *kubeadmapi.MasterConfiguration) []string { | ||
| defaultURL := "http://127.0.0.1:2379" | ||
|
|
||
| listenURL := defaultURL |
There was a problem hiding this comment.
Please use the same logic as the other control plane components here with default and overridable arguments.
jamiehannaford
force-pushed
the
add-etcd-flags-kubeadm
branch
from
3df45d0
to
e5f9345
Compare
|
@k8s-bot bazel test this |
|
@jamiehannaford: you can't request testing unless you are a kubernetes member. In response to this comment:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
@luxas Thanks for the feedback, I've made things a bit more generic so folks can easily extend. Would you mind kicking off the tests again? |
|
@k8s-bot bazel test this |
|
@luxas Agree about the dataDir stuff. I've added a new config key and removed the hard-coded references. Can you comment with |
|
@k8s-bot ok to test |
jamiehannaford
force-pushed
the
add-etcd-flags-kubeadm
branch
3 times, most recently
from
8140f56
to
91e41e6
Compare
|
@k8s-bot non-cri e2e test this |
1 similar comment
|
@k8s-bot non-cri e2e test this |
|
Looks like this is all green now |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
cmd/kubeadm/app/apis/kubeadm/env.go
Outdated
| @@ -31,7 +33,7 @@ func SetEnvParams() *EnvParams { | |||
|
|
|||
| envParams := map[string]string{ | |||
| "kubernetes_dir": "/etc/kubernetes", | |||
| "host_etcd_path": "/var/lib/etcd", | |||
| "host_etcd_path": v1alpha1.DefaultEtcdDataDir, | |||
There was a problem hiding this comment.
Sorry for being unclear earlier, I don't think this is used anymore (if it is, switch to the new method)
It could/should be removed
There was a problem hiding this comment.
No problem, I appreciate the feedback 👍 does this commit address what you mean? 4b065f8
k8s-github-robot
removed
the
lgtm
|
@k8s-bot non-cri e2e test this |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
@jamiehannaford LGTM, but please squash (unless you really think the commit sequence makes a lot of sense) |
jamiehannaford
force-pushed
the
add-etcd-flags-kubeadm
branch
from
4b065f8
to
7e82985
Compare
k8s-github-robot
removed
the
lgtm
|
@luxas Sure - I squashed those commits into 1 |
|
Any update on this? |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jamiehannaford, luxas, pires
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
k8s-github-robot
added
the
approved
|
@k8s-bot gce etcd3 e2e test this |
|
Automatic merge from submit-queue |
What this PR does / why we need it:
Allows users to set the
--listen-client-urlsand--advertise-client-urlsflags on etcd binaries for clusters set up with kubeadm.Which issue this PR fixes:
As far as I can tell right now, other nodes in a cluster set up with kubeadm cannot communicate with the etcd static pod running on the master. This is needed in order to set up calico/canal SDN which needs access to a publicly addressable IPv4 before the overlay network and inter-cluster subnet is created.
Addresses kubernetes/enhancements#138 and kubernetes/enhancements#11.
Release note: