From d1949261ab71d00acab9f95c10b104a2f147ae82 Mon Sep 17 00:00:00 2001 From: Di Xu Date: Mon, 4 Jun 2018 22:29:45 +0800 Subject: [PATCH 1/2] kubeadm: use nodeSelector to only run kube-proxy on architecture consistent nodes --- cmd/kubeadm/app/phases/addons/proxy/BUILD | 1 + cmd/kubeadm/app/phases/addons/proxy/manifests.go | 9 +++++++-- cmd/kubeadm/app/phases/addons/proxy/proxy.go | 4 +++- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/cmd/kubeadm/app/phases/addons/proxy/BUILD b/cmd/kubeadm/app/phases/addons/proxy/BUILD index 612ca29d555..87f1650a5b4 100644 --- a/cmd/kubeadm/app/phases/addons/proxy/BUILD +++ b/cmd/kubeadm/app/phases/addons/proxy/BUILD @@ -34,6 +34,7 @@ go_library( importpath = "k8s.io/kubernetes/cmd/kubeadm/app/phases/addons/proxy", deps = [ "//cmd/kubeadm/app/apis/kubeadm:go_default_library", + "//cmd/kubeadm/app/constants:go_default_library", "//cmd/kubeadm/app/util:go_default_library", "//cmd/kubeadm/app/util/apiclient:go_default_library", "//pkg/proxy/apis/kubeproxyconfig/scheme:go_default_library", diff --git a/cmd/kubeadm/app/phases/addons/proxy/manifests.go b/cmd/kubeadm/app/phases/addons/proxy/manifests.go index c0bc3b8f0bb..ef3a1512b14 100644 --- a/cmd/kubeadm/app/phases/addons/proxy/manifests.go +++ b/cmd/kubeadm/app/phases/addons/proxy/manifests.go @@ -90,8 +90,6 @@ spec: readOnly: true hostNetwork: true serviceAccountName: kube-proxy - tolerations: - - operator: Exists volumes: - name: kube-proxy configMap: @@ -103,5 +101,12 @@ spec: - name: lib-modules hostPath: path: /lib/modules + tolerations: + - key: CriticalAddonsOnly + operator: Exists + - key: {{ .MasterTaintKey }} + effect: NoSchedule + nodeSelector: + beta.kubernetes.io/arch: {{ .Arch }} ` ) diff --git a/cmd/kubeadm/app/phases/addons/proxy/proxy.go b/cmd/kubeadm/app/phases/addons/proxy/proxy.go index cde76c4391c..0de99d04fd5 100644 --- a/cmd/kubeadm/app/phases/addons/proxy/proxy.go +++ b/cmd/kubeadm/app/phases/addons/proxy/proxy.go @@ -29,6 +29,7 @@ import ( clientset "k8s.io/client-go/kubernetes" clientsetscheme "k8s.io/client-go/kubernetes/scheme" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" + kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util" "k8s.io/kubernetes/cmd/kubeadm/app/util/apiclient" kubeproxyconfigscheme "k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/scheme" @@ -75,11 +76,12 @@ func EnsureProxyAddon(cfg *kubeadmapi.MasterConfiguration, client clientset.Inte if err != nil { return fmt.Errorf("error when parsing kube-proxy configmap template: %v", err) } - proxyDaemonSetBytes, err = kubeadmutil.ParseTemplate(KubeProxyDaemonSet19, struct{ ImageRepository, Arch, Version, ImageOverride string }{ + proxyDaemonSetBytes, err = kubeadmutil.ParseTemplate(KubeProxyDaemonSet19, struct{ ImageRepository, Arch, Version, ImageOverride, MasterTaintKey string }{ ImageRepository: cfg.GetControlPlaneImageRepository(), Arch: runtime.GOARCH, Version: kubeadmutil.KubernetesVersionToImageTag(cfg.KubernetesVersion), ImageOverride: cfg.UnifiedControlPlaneImage, + MasterTaintKey: kubeadmconstants.LabelNodeRoleMaster, }) if err != nil { return fmt.Errorf("error when parsing kube-proxy daemonset template: %v", err) From 9a2e58b5e77f961da3289f5e4491120abfcaed47 Mon Sep 17 00:00:00 2001 From: Di Xu Date: Mon, 4 Jun 2018 22:48:48 +0800 Subject: [PATCH 2/2] kubeadm: use nodeselector instead of affinity in kube-dns --- cmd/kubeadm/app/phases/addons/dns/manifests.go | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/cmd/kubeadm/app/phases/addons/dns/manifests.go b/cmd/kubeadm/app/phases/addons/dns/manifests.go index 2a765f634ec..6d400d280f7 100644 --- a/cmd/kubeadm/app/phases/addons/dns/manifests.go +++ b/cmd/kubeadm/app/phases/addons/dns/manifests.go @@ -173,16 +173,8 @@ spec: operator: Exists - key: {{ .MasterTaintKey }} effect: NoSchedule - # TODO: Remove this affinity field as soon as we are using manifest lists - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: beta.kubernetes.io/arch - operator: In - values: - - {{ .Arch }} + nodeSelector: + beta.kubernetes.io/arch: {{ .Arch }} ` // KubeDNSService is the kube-dns Service manifest