Merge pull request #50749 from dixudx/kubefed_add_nodeSelector

Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. support nodeSelector in kubefed init **What this PR does / why we need it**: **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #50716 **Special notes for your reviewer**: /assign @gyliu513 **Release note**: ```release-note support nodeSelector in kubefed init ```
2025-07-23 11:50:44 +00:00 · 2017-10-02 21:07:37 -07:00 · 2017-10-02 21:07:37 -07:00 · 0b86b2ca87
commit 0b86b2ca87
parent 431d49d7b2 c860b059c3
2 changed files with 27 additions and 6 deletions
--- a/federation/pkg/kubefed/init/init.go
+++ b/federation/pkg/kubefed/init/init.go
@ -154,6 +154,8 @@ type initFederationOptions struct {
 	apiServerNodePortPortPtr         *int32
 	apiServerEnableHTTPBasicAuth     bool
 	apiServerEnableTokenAuth         bool
+	nodeSelector                     map[string]string
+	nodeSelectorString               string
 }

 func (o *initFederationOptions) Bind(flags *pflag.FlagSet, defaultServerImage, defaultEtcdImage string) {
@ -173,6 +175,7 @@ func (o *initFederationOptions) Bind(flags *pflag.FlagSet, defaultServerImage, d
 	flags.Int32Var(&o.apiServerNodePortPort, apiserverPortFlag, 0, "Preferred port to use for api server nodeport service (0 for random port assignment). Valid only if '"+apiserverServiceTypeFlag+"=NodePort'.")
 	flags.BoolVar(&o.apiServerEnableHTTPBasicAuth, "apiserver-enable-basic-auth", false, "Enables HTTP Basic authentication for the federation-apiserver. Defaults to false.")
 	flags.BoolVar(&o.apiServerEnableTokenAuth, "apiserver-enable-token-auth", false, "Enables token authentication for the federation-apiserver. Defaults to false.")
+	flags.StringVar(&o.nodeSelectorString, "node-selector", "", "comma separated list of nodeSelector arguments: Example \"arg1=value1,arg2=value2...\"")
 }

 // NewCmdInit defines the `init` command that bootstraps a federation
@ -257,6 +260,10 @@ func (i *initFederation) Complete(cmd *cobra.Command, args []string) error {
 	if err != nil {
 		return fmt.Errorf("error marshalling --controllermanager-arg-overrides: %v", err)
 	}
+	i.options.nodeSelector, err = marshallOverrides(i.options.nodeSelectorString)
+	if err != nil {
+		return fmt.Errorf("error marshalling --node-selector: %v", err)
+	}

 	if i.options.dnsProviderConfig != "" {
 		if _, err := os.Stat(i.options.dnsProviderConfig); err != nil {
@ -361,7 +368,7 @@ func (i *initFederation) Run(cmdOut io.Writer, config util.AdminConfig) error {

 	fmt.Fprint(cmdOut, "Creating federation component deployments...")
 	glog.V(4).Info("Creating federation control plane components")
-	_, err = createAPIServer(hostClientset, i.commonOptions.FederationSystemNamespace, serverName, i.commonOptions.Name, i.options.serverImage, i.options.etcdImage, advertiseAddress, serverCredName, i.options.apiServerEnableHTTPBasicAuth, i.options.apiServerEnableTokenAuth, i.options.apiServerOverrides, pvc, i.options.dryRun)
+	_, err = createAPIServer(hostClientset, i.commonOptions.FederationSystemNamespace, serverName, i.commonOptions.Name, i.options.serverImage, i.options.etcdImage, advertiseAddress, serverCredName, i.options.apiServerEnableHTTPBasicAuth, i.options.apiServerEnableTokenAuth, i.options.apiServerOverrides, pvc, i.options.dryRun, i.options.nodeSelector)
 	if err != nil {
 		return err
 	}
@ -396,7 +403,7 @@ func (i *initFederation) Run(cmdOut io.Writer, config util.AdminConfig) error {

 	glog.V(4).Info("Creating federation controller manager deployment")

-	_, err = createControllerManager(hostClientset, i.commonOptions.FederationSystemNamespace, i.commonOptions.Name, svc.Name, cmName, i.options.serverImage, cmKubeconfigName, i.options.dnsZoneName, i.options.dnsProvider, i.options.dnsProviderConfig, sa.Name, dnsProviderSecret, i.options.controllerManagerOverrides, i.options.dryRun)
+	_, err = createControllerManager(hostClientset, i.commonOptions.FederationSystemNamespace, i.commonOptions.Name, svc.Name, cmName, i.options.serverImage, cmKubeconfigName, i.options.dnsZoneName, i.options.dnsProvider, i.options.dnsProviderConfig, sa.Name, dnsProviderSecret, i.options.controllerManagerOverrides, i.options.dryRun, i.options.nodeSelector)
 	if err != nil {
 		return err
 	}
@ -702,7 +709,7 @@ func createPVC(clientset client.Interface, namespace, svcName, federationName, e
 	return clientset.Core().PersistentVolumeClaims(namespace).Create(pvc)
 }

-func createAPIServer(clientset client.Interface, namespace, name, federationName, serverImage, etcdImage, advertiseAddress, credentialsName string, hasHTTPBasicAuthFile, hasTokenAuthFile bool, argOverrides map[string]string, pvc *api.PersistentVolumeClaim, dryRun bool) (*extensions.Deployment, error) {
+func createAPIServer(clientset client.Interface, namespace, name, federationName, serverImage, etcdImage, advertiseAddress, credentialsName string, hasHTTPBasicAuthFile, hasTokenAuthFile bool, argOverrides map[string]string, pvc *api.PersistentVolumeClaim, dryRun bool, nodeSelector map[string]string) (*extensions.Deployment, error) {
 	command := []string{
 		"/hyperkube",
 		"federation-apiserver",
@ -779,6 +786,7 @@ func createAPIServer(clientset client.Interface, namespace, name, federationName
 							},
 						},
 					},
+					NodeSelector: nodeSelector,
 					Volumes: []api.Volume{
 						{
 							Name: credentialsName,
@ -876,7 +884,7 @@ func createRoleBindings(clientset client.Interface, namespace, saName, federatio
 	return newRole, newRolebinding, err
 }

-func createControllerManager(clientset client.Interface, namespace, name, svcName, cmName, image, kubeconfigName, dnsZoneName, dnsProvider, dnsProviderConfig, saName string, dnsProviderSecret *api.Secret, argOverrides map[string]string, dryRun bool) (*extensions.Deployment, error) {
+func createControllerManager(clientset client.Interface, namespace, name, svcName, cmName, image, kubeconfigName, dnsZoneName, dnsProvider, dnsProviderConfig, saName string, dnsProviderSecret *api.Secret, argOverrides map[string]string, dryRun bool, nodeSelector map[string]string) (*extensions.Deployment, error) {
 	command := []string{
 		"/hyperkube",
 		"federation-controller-manager",
@ -945,6 +953,7 @@ func createControllerManager(clientset client.Interface, namespace, name, svcNam
 							},
 						},
 					},
+					NodeSelector: nodeSelector,
 					Volumes: []api.Volume{
 						{
 							Name: kubeconfigName,
--- a/federation/pkg/kubefed/init/init_test.go
+++ b/federation/pkg/kubefed/init/init_test.go
@ -109,6 +109,7 @@ func TestInitFederation(t *testing.T) {
 		apiserverEnableHTTPBasicAuth bool
 		apiserverEnableTokenAuth     bool
 		isRBACAPIAvailable           bool
+		nodeSelector                 string
 	}{
 		{
 			federation:            "union",
@ -126,6 +127,7 @@ func TestInitFederation(t *testing.T) {
 			dryRun:                "",
 			apiserverArgOverrides: "--client-ca-file=override,--log-dir=override",
 			cmArgOverrides:        "--dns-provider=override,--log-dir=override",
+			nodeSelector:          "disk=ssh,role=node",
 		},
 		{
 			federation:           "union",
@ -246,7 +248,7 @@ func TestInitFederation(t *testing.T) {
 			tc.etcdImage = defaultEtcdImage
 		}

-		hostFactory, err := fakeInitHostFactory(tc.apiserverServiceType, tc.federation, util.DefaultFederationSystemNamespace, tc.advertiseAddress, tc.lbIP, tc.dnsZoneName, tc.serverImage, tc.etcdImage, tc.dnsProvider, tc.dnsProviderConfig, tc.etcdPersistence, tc.etcdPVCapacity, tc.etcdPVStorageClass, tc.apiserverArgOverrides, tc.cmArgOverrides, tmpDirPath, tc.apiserverEnableHTTPBasicAuth, tc.apiserverEnableTokenAuth, tc.isRBACAPIAvailable)
+		hostFactory, err := fakeInitHostFactory(tc.apiserverServiceType, tc.federation, util.DefaultFederationSystemNamespace, tc.advertiseAddress, tc.lbIP, tc.dnsZoneName, tc.serverImage, tc.etcdImage, tc.dnsProvider, tc.dnsProviderConfig, tc.etcdPersistence, tc.etcdPVCapacity, tc.etcdPVStorageClass, tc.apiserverArgOverrides, tc.cmArgOverrides, tmpDirPath, tc.apiserverEnableHTTPBasicAuth, tc.apiserverEnableTokenAuth, tc.isRBACAPIAvailable, tc.nodeSelector)
 		if err != nil {
 			t.Fatalf("[%d] unexpected error: %v", i, err)
 		}
@ -292,6 +294,9 @@ func TestInitFederation(t *testing.T) {
 		if tc.apiserverEnableTokenAuth {
 			cmd.Flags().Set("apiserver-enable-token-auth", "true")
 		}
+		if tc.nodeSelector != "" {
+			cmd.Flags().Set("node-selector", tc.nodeSelector)
+		}

 		cmd.Run(cmd, []string{tc.federation})

@ -621,7 +626,7 @@ func TestCertsHTTPS(t *testing.T) {
 	}
 }

-func fakeInitHostFactory(apiserverServiceType v1.ServiceType, federationName, namespaceName, advertiseAddress, lbIp, dnsZoneName, serverImage, etcdImage, dnsProvider, dnsProviderConfig, etcdPersistence, etcdPVCapacity, etcdPVStorageClass, apiserverOverrideArg, cmOverrideArg, tmpDirPath string, apiserverEnableHTTPBasicAuth, apiserverEnableTokenAuth, isRBACAPIAvailable bool) (cmdutil.Factory, error) {
+func fakeInitHostFactory(apiserverServiceType v1.ServiceType, federationName, namespaceName, advertiseAddress, lbIp, dnsZoneName, serverImage, etcdImage, dnsProvider, dnsProviderConfig, etcdPersistence, etcdPVCapacity, etcdPVStorageClass, apiserverOverrideArg, cmOverrideArg, tmpDirPath string, apiserverEnableHTTPBasicAuth, apiserverEnableTokenAuth, isRBACAPIAvailable bool, nodeSelectorString string) (cmdutil.Factory, error) {
 	svcName := federationName + "-apiserver"
 	svcUrlPrefix := "/api/v1/namespaces/federation-system/services"
 	credSecretName := svcName + "-credentials"
@ -889,6 +894,11 @@ func fakeInitHostFactory(apiserverServiceType v1.ServiceType, federationName, na
 	sort.Strings(apiserverArgs)
 	apiserverCommand = append(apiserverCommand, apiserverArgs...)

+	nodeSelector, err := marshallOverrides(nodeSelectorString)
+	if err != nil {
+		return nil, fmt.Errorf("error marshalling --node-selector: %v", err)
+	}
+
 	apiserver := &v1beta1.Deployment{
 		TypeMeta: metav1.TypeMeta{
 			Kind:       "Deployment",
@ -943,6 +953,7 @@ func fakeInitHostFactory(apiserverServiceType v1.ServiceType, federationName, na
 							},
 						},
 					},
+					NodeSelector: nodeSelector,
 					Volumes: []v1.Volume{
 						{
 							Name: credSecretName,
@ -1051,6 +1062,7 @@ func fakeInitHostFactory(apiserverServiceType v1.ServiceType, federationName, na
 							},
 						},
 					},
+					NodeSelector: nodeSelector,
 					Volumes: []v1.Volume{
 						{
 							Name: cmKubeconfigSecretName,