Merge pull request #72832 from MrHohn/pod-dns-config-ga

Graduate CustomPodDNS feature to GA
2025-07-23 19:56:01 +00:00 · 2019-02-01 18:29:17 -08:00 · 2019-02-01 18:29:17 -08:00 · 235b32e8ad
commit 235b32e8ad
parent 73ccf56edd f2750dd043
6 changed files with 34 additions and 90 deletions
--- a/pkg/apis/core/validation/validation.go
+++ b/pkg/apis/core/validation/validation.go
@ -2632,18 +2632,11 @@ func validateRestartPolicy(restartPolicy *core.RestartPolicy, fldPath *field.Pat
 func validateDNSPolicy(dnsPolicy *core.DNSPolicy, fldPath *field.Path) field.ErrorList {
 	allErrors := field.ErrorList{}
 	switch *dnsPolicy {
-	case core.DNSClusterFirstWithHostNet, core.DNSClusterFirst, core.DNSDefault:
-	case core.DNSNone:
-		if !utilfeature.DefaultFeatureGate.Enabled(features.CustomPodDNS) {
-			allErrors = append(allErrors, field.Invalid(fldPath, dnsPolicy, "DNSPolicy: can not use 'None', custom pod DNS is disabled by feature gate"))
-		}
+	case core.DNSClusterFirstWithHostNet, core.DNSClusterFirst, core.DNSDefault, core.DNSNone:
 	case "":
 		allErrors = append(allErrors, field.Required(fldPath, ""))
 	default:
-		validValues := []string{string(core.DNSClusterFirstWithHostNet), string(core.DNSClusterFirst), string(core.DNSDefault)}
-		if utilfeature.DefaultFeatureGate.Enabled(features.CustomPodDNS) {
-			validValues = append(validValues, string(core.DNSNone))
-		}
+		validValues := []string{string(core.DNSClusterFirstWithHostNet), string(core.DNSClusterFirst), string(core.DNSDefault), string(core.DNSNone)}
 		allErrors = append(allErrors, field.NotSupported(fldPath, dnsPolicy, validValues))
 	}
 	return allErrors
@ -2674,7 +2667,7 @@ func validatePodDNSConfig(dnsConfig *core.PodDNSConfig, dnsPolicy *core.DNSPolic
 	allErrs := field.ErrorList{}

 	// Validate DNSNone case. Must provide at least one DNS name server.
-	if utilfeature.DefaultFeatureGate.Enabled(features.CustomPodDNS) && dnsPolicy != nil && *dnsPolicy == core.DNSNone {
+	if dnsPolicy != nil && *dnsPolicy == core.DNSNone {
 		if dnsConfig == nil {
 			return append(allErrs, field.Required(fldPath, fmt.Sprintf("must provide `dnsConfig` when `dnsPolicy` is %s", core.DNSNone)))
 		}
@ -2684,10 +2677,6 @@ func validatePodDNSConfig(dnsConfig *core.PodDNSConfig, dnsPolicy *core.DNSPolic
 	}

 	if dnsConfig != nil {
-		if !utilfeature.DefaultFeatureGate.Enabled(features.CustomPodDNS) {
-			return append(allErrs, field.Forbidden(fldPath, "DNSConfig: custom pod DNS is disabled by feature gate"))
-		}
-
 		// Validate nameservers.
 		if len(dnsConfig.Nameservers) > MaxDNSNameservers {
 			allErrs = append(allErrs, field.Invalid(fldPath.Child("nameservers"), dnsConfig.Nameservers, fmt.Sprintf("must not have more than %v nameservers", MaxDNSNameservers)))
--- a/pkg/apis/core/validation/validation_test.go
+++ b/pkg/apis/core/validation/validation_test.go
@ -5559,8 +5559,6 @@ func TestValidateRestartPolicy(t *testing.T) {
 }

 func TestValidateDNSPolicy(t *testing.T) {
-	defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.CustomPodDNS, true)()
-
 	successCases := []core.DNSPolicy{core.DNSClusterFirst, core.DNSDefault, core.DNSPolicy(core.DNSClusterFirst), core.DNSNone}
 	for _, policy := range successCases {
 		if errs := validateDNSPolicy(&policy, field.NewPath("field")); len(errs) != 0 {
@ -5577,8 +5575,6 @@ func TestValidateDNSPolicy(t *testing.T) {
 }

 func TestValidatePodDNSConfig(t *testing.T) {
-	defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.CustomPodDNS, true)()
-
 	generateTestSearchPathFunc := func(numChars int) string {
 		res := ""
 		for i := 0; i < numChars; i++ {
--- a/pkg/features/kube_features.go
+++ b/pkg/features/kube_features.go
@ -208,7 +208,7 @@ const (
 	CSINodeInfo utilfeature.Feature = "CSINodeInfo"

 	// owner @MrHohn
-	// beta: v1.10
+	// GA: v1.14
 	//
 	// Support configurable pod DNS parameters.
 	CustomPodDNS utilfeature.Feature = "CustomPodDNS"
@ -443,7 +443,7 @@ var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureS
 	CSIPersistentVolume:                         {Default: true, PreRelease: utilfeature.GA},
 	CSIDriverRegistry:                           {Default: false, PreRelease: utilfeature.Alpha},
 	CSINodeInfo:                                 {Default: false, PreRelease: utilfeature.Alpha},
-	CustomPodDNS:                                {Default: true, PreRelease: utilfeature.Beta},
+	CustomPodDNS:                                {Default: true, PreRelease: utilfeature.GA, LockToDefault: true}, // remove in 1.16
 	BlockVolume:                                 {Default: true, PreRelease: utilfeature.Beta},
 	StorageObjectInUseProtection:                {Default: true, PreRelease: utilfeature.GA},
 	ResourceLimitsPriorityFunction:              {Default: false, PreRelease: utilfeature.Alpha},
--- a/pkg/kubelet/network/dns/BUILD
+++ b/pkg/kubelet/network/dns/BUILD
@ -7,13 +7,11 @@ go_library(
    visibility = ["//visibility:public"],
    deps = [
        "//pkg/apis/core/validation:go_default_library",
-        "//pkg/features:go_default_library",
        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
        "//pkg/kubelet/container:go_default_library",
        "//pkg/kubelet/util/format:go_default_library",
        "//staging/src/k8s.io/api/core/v1:go_default_library",
        "//staging/src/k8s.io/apimachinery/pkg/util/errors:go_default_library",
-        "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library",
        "//staging/src/k8s.io/client-go/tools/record:go_default_library",
        "//vendor/k8s.io/klog:go_default_library",
    ],
@ -24,14 +22,11 @@ go_test(
    srcs = ["dns_test.go"],
    embed = [":go_default_library"],
    deps = [
-        "//pkg/features:go_default_library",
        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
        "//staging/src/k8s.io/api/core/v1:go_default_library",
        "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
        "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
        "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library",
-        "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library",
-        "//staging/src/k8s.io/apiserver/pkg/util/feature/testing:go_default_library",
        "//staging/src/k8s.io/client-go/tools/record:go_default_library",
        "//vendor/github.com/stretchr/testify/assert:go_default_library",
        "//vendor/github.com/stretchr/testify/require:go_default_library",
--- a/pkg/kubelet/network/dns/dns.go
+++ b/pkg/kubelet/network/dns/dns.go
@ -27,10 +27,8 @@ import (

 	"k8s.io/api/core/v1"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
-	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	"k8s.io/client-go/tools/record"
 	"k8s.io/kubernetes/pkg/apis/core/validation"
-	"k8s.io/kubernetes/pkg/features"
 	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/util/format"
@ -265,12 +263,7 @@ func getPodDNSType(pod *v1.Pod) (podDNSType, error) {
 	dnsPolicy := pod.Spec.DNSPolicy
 	switch dnsPolicy {
 	case v1.DNSNone:
-		if utilfeature.DefaultFeatureGate.Enabled(features.CustomPodDNS) {
-			return podDNSNone, nil
-		}
-		// This should not happen as kube-apiserver should have rejected
-		// setting dnsPolicy to DNSNone when feature gate is disabled.
-		return podDNSCluster, fmt.Errorf(fmt.Sprintf("invalid DNSPolicy=%v: custom pod DNS is disabled", dnsPolicy))
+		return podDNSNone, nil
 	case v1.DNSClusterFirstWithHostNet:
 		return podDNSCluster, nil
 	case v1.DNSClusterFirst:
@ -383,7 +376,7 @@ func (c *Configurer) GetPodDNS(pod *v1.Pod) (*runtimeapi.DNSConfig, error) {
 		}
 	}

-	if utilfeature.DefaultFeatureGate.Enabled(features.CustomPodDNS) && pod.Spec.DNSConfig != nil {
+	if pod.Spec.DNSConfig != nil {
 		dnsConfig = appendDNSConfig(dnsConfig, pod.Spec.DNSConfig)
 	}
 	return c.formDNSConfigFitsLimits(dnsConfig, pod), nil
--- a/pkg/kubelet/network/dns/dns_test.go
+++ b/pkg/kubelet/network/dns/dns_test.go
@ -28,10 +28,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/sets"
-	utilfeature "k8s.io/apiserver/pkg/util/feature"
-	utilfeaturetesting "k8s.io/apiserver/pkg/util/feature/testing"
 	"k8s.io/client-go/tools/record"
-	"k8s.io/kubernetes/pkg/features"
 	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"

 	"github.com/stretchr/testify/assert"
@ -291,13 +288,12 @@ func TestGetPodDNSType(t *testing.T) {
 	}

 	testCases := []struct {
-		desc                    string
-		customPodDNSFeatureGate bool
-		hasClusterDNS           bool
-		hostNetwork             bool
-		dnsPolicy               v1.DNSPolicy
-		expectedDNSType         podDNSType
-		expectedError           bool
+		desc            string
+		hasClusterDNS   bool
+		hostNetwork     bool
+		dnsPolicy       v1.DNSPolicy
+		expectedDNSType podDNSType
+		expectedError   bool
 	}{
 		{
 			desc:            "valid DNSClusterFirst without hostnetwork",
@ -337,15 +333,9 @@ func TestGetPodDNSType(t *testing.T) {
 			expectedDNSType: podDNSHost,
 		},
 		{
-			desc:                    "valid DNSNone with feature gate",
-			customPodDNSFeatureGate: true,
-			dnsPolicy:               v1.DNSNone,
-			expectedDNSType:         podDNSNone,
-		},
-		{
-			desc:          "DNSNone without feature gate, should return error",
-			dnsPolicy:     v1.DNSNone,
-			expectedError: true,
+			desc:            "valid DNSNone",
+			dnsPolicy:       v1.DNSNone,
+			expectedDNSType: podDNSNone,
 		},
 		{
 			desc:          "invalid DNS policy, should return error",
@ -356,8 +346,6 @@ func TestGetPodDNSType(t *testing.T) {

 	for _, tc := range testCases {
 		t.Run(tc.desc, func(t *testing.T) {
-			defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.CustomPodDNS, tc.customPodDNSFeatureGate)()
-
 			if tc.hasClusterDNS {
 				configurer.clusterDNS = testClusterDNS
 			} else {
@ -516,32 +504,20 @@ func TestGetPodDNSCustom(t *testing.T) {
 	configurer := NewConfigurer(recorder, nodeRef, nil, []net.IP{net.ParseIP(testClusterNameserver)}, testClusterDNSDomain, tmpfile.Name())

 	testCases := []struct {
-		desc                    string
-		customPodDNSFeatureGate bool
-		hostnetwork             bool
-		dnsPolicy               v1.DNSPolicy
-		dnsConfig               *v1.PodDNSConfig
-		expectedDNSConfig       *runtimeapi.DNSConfig
+		desc              string
+		hostnetwork       bool
+		dnsPolicy         v1.DNSPolicy
+		dnsConfig         *v1.PodDNSConfig
+		expectedDNSConfig *runtimeapi.DNSConfig
 	}{
 		{
-			desc:      "feature gate is disabled, DNSNone should fallback to DNSClusterFirst",
+			desc:              "DNSNone without DNSConfig should have empty DNS settings",
+			dnsPolicy:         v1.DNSNone,
+			expectedDNSConfig: &runtimeapi.DNSConfig{},
+		},
+		{
+			desc:      "DNSNone with DNSConfig should have a merged DNS settings",
 			dnsPolicy: v1.DNSNone,
-			expectedDNSConfig: &runtimeapi.DNSConfig{
-				Servers:  []string{testClusterNameserver},
-				Searches: []string{testNsSvcDomain, testSvcDomain, testClusterDNSDomain, testHostDomain},
-				Options:  []string{"ndots:5"},
-			},
-		},
-		{
-			desc:                    "feature gate is enabled, DNSNone without DNSConfig should have empty DNS settings",
-			customPodDNSFeatureGate: true,
-			dnsPolicy:               v1.DNSNone,
-			expectedDNSConfig:       &runtimeapi.DNSConfig{},
-		},
-		{
-			desc:                    "feature gate is enabled, DNSNone with DNSConfig should have a merged DNS settings",
-			customPodDNSFeatureGate: true,
-			dnsPolicy:               v1.DNSNone,
 			dnsConfig: &v1.PodDNSConfig{
 				Nameservers: []string{"203.0.113.1"},
 				Searches:    []string{"my.domain", "second.domain"},
@ -557,9 +533,8 @@ func TestGetPodDNSCustom(t *testing.T) {
 			},
 		},
 		{
-			desc:                    "feature gate is enabled, DNSClusterFirst with DNSConfig should have a merged DNS settings",
-			customPodDNSFeatureGate: true,
-			dnsPolicy:               v1.DNSClusterFirst,
+			desc:      "DNSClusterFirst with DNSConfig should have a merged DNS settings",
+			dnsPolicy: v1.DNSClusterFirst,
 			dnsConfig: &v1.PodDNSConfig{
 				Nameservers: []string{"10.0.0.11"},
 				Searches:    []string{"my.domain"},
@ -575,10 +550,9 @@ func TestGetPodDNSCustom(t *testing.T) {
 			},
 		},
 		{
-			desc:                    "feature gate is enabled, DNSClusterFirstWithHostNet with DNSConfig should have a merged DNS settings",
-			customPodDNSFeatureGate: true,
-			hostnetwork:             true,
-			dnsPolicy:               v1.DNSClusterFirstWithHostNet,
+			desc:        "DNSClusterFirstWithHostNet with DNSConfig should have a merged DNS settings",
+			hostnetwork: true,
+			dnsPolicy:   v1.DNSClusterFirstWithHostNet,
 			dnsConfig: &v1.PodDNSConfig{
 				Nameservers: []string{"10.0.0.11"},
 				Searches:    []string{"my.domain"},
@ -594,9 +568,8 @@ func TestGetPodDNSCustom(t *testing.T) {
 			},
 		},
 		{
-			desc:                    "feature gate is enabled, DNSDefault with DNSConfig should have a merged DNS settings",
-			customPodDNSFeatureGate: true,
-			dnsPolicy:               v1.DNSDefault,
+			desc:      "DNSDefault with DNSConfig should have a merged DNS settings",
+			dnsPolicy: v1.DNSDefault,
 			dnsConfig: &v1.PodDNSConfig{
 				Nameservers: []string{"10.0.0.11"},
 				Searches:    []string{"my.domain"},
@ -615,8 +588,6 @@ func TestGetPodDNSCustom(t *testing.T) {

 	for _, tc := range testCases {
 		t.Run(tc.desc, func(t *testing.T) {
-			defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.CustomPodDNS, tc.customPodDNSFeatureGate)()
-
 			testPod.Spec.HostNetwork = tc.hostnetwork
 			testPod.Spec.DNSConfig = tc.dnsConfig
 			testPod.Spec.DNSPolicy = tc.dnsPolicy