mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-20 18:31:15 +00:00
CRI socket paths should have URL scheme
This commit is contained in:
Paco Xu
parent
0184d77f50
commit
36594d739b
@ -20,22 +20,15 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strings"
|
|
||||||
|
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
|
|
||||||
"k8s.io/klog/v2"
|
|
||||||
|
|
||||||
kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
|
|
||||||
kubeadmapiv1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3"
|
|
||||||
"k8s.io/kubernetes/cmd/kubeadm/app/cmd/options"
|
"k8s.io/kubernetes/cmd/kubeadm/app/cmd/options"
|
||||||
"k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow"
|
"k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow"
|
||||||
cmdutil "k8s.io/kubernetes/cmd/kubeadm/app/cmd/util"
|
cmdutil "k8s.io/kubernetes/cmd/kubeadm/app/cmd/util"
|
||||||
"k8s.io/kubernetes/cmd/kubeadm/app/constants"
|
"k8s.io/kubernetes/cmd/kubeadm/app/constants"
|
||||||
kubeletphase "k8s.io/kubernetes/cmd/kubeadm/app/phases/kubelet"
|
kubeletphase "k8s.io/kubernetes/cmd/kubeadm/app/phases/kubelet"
|
||||||
patchnodephase "k8s.io/kubernetes/cmd/kubeadm/app/phases/patchnode"
|
|
||||||
"k8s.io/kubernetes/cmd/kubeadm/app/phases/upgrade"
|
"k8s.io/kubernetes/cmd/kubeadm/app/phases/upgrade"
|
||||||
configutil "k8s.io/kubernetes/cmd/kubeadm/app/util/config"
|
|
||||||
dryrunutil "k8s.io/kubernetes/cmd/kubeadm/app/util/dryrun"
|
dryrunutil "k8s.io/kubernetes/cmd/kubeadm/app/util/dryrun"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -92,40 +85,6 @@ func runKubeletConfigPhase() func(c workflow.RunData) error {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Handle a missing URL scheme in the Node CRI socket.
|
|
||||||
// Older versions of kubeadm tolerate CRI sockets without URL schemes (/var/run/foo without unix://).
|
|
||||||
// During "upgrade node" for worker nodes the cfg.NodeRegistration would be left empty.
|
|
||||||
// This requires to call GetNodeRegistration on demand and fetch the node name and CRI socket.
|
|
||||||
// If the NodeRegistration (nro) contains a socket without a URL scheme, update it.
|
|
||||||
//
|
|
||||||
// TODO: this workaround can be removed in 1.25 once all user node sockets have a URL scheme:
|
|
||||||
// https://github.com/kubernetes/kubeadm/issues/2426
|
|
||||||
var missingURLScheme bool
|
|
||||||
nro := &kubeadmapi.NodeRegistrationOptions{}
|
|
||||||
if !dryRun {
|
|
||||||
if err := configutil.GetNodeRegistration(data.KubeConfigPath(), data.Client(), nro); err != nil {
|
|
||||||
return errors.Wrap(err, "could not retrieve the node registration options for this node")
|
|
||||||
}
|
|
||||||
missingURLScheme = strings.HasPrefix(nro.CRISocket, kubeadmapiv1.DefaultContainerRuntimeURLScheme)
|
|
||||||
}
|
|
||||||
if missingURLScheme {
|
|
||||||
if !dryRun {
|
|
||||||
newSocket := kubeadmapiv1.DefaultContainerRuntimeURLScheme + "://" + nro.CRISocket
|
|
||||||
klog.V(2).Infof("ensuring that Node %q has a CRI socket annotation with URL scheme %q", nro.Name, newSocket)
|
|
||||||
if err := patchnodephase.AnnotateCRISocket(data.Client(), nro.Name, newSocket); err != nil {
|
|
||||||
return errors.Wrapf(err, "error updating the CRI socket for Node %q", nro.Name)
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
fmt.Println("[upgrade] Would update the node CRI socket path to include an URL scheme")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// TODO: Temporary workaround. Remove in 1.25:
|
|
||||||
// https://github.com/kubernetes/kubeadm/issues/2426
|
|
||||||
if err := upgrade.UpdateKubeletDynamicEnvFileWithURLScheme(dryRun); err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
fmt.Println("[upgrade] The configuration for this node was successfully updated!")
|
fmt.Println("[upgrade] The configuration for this node was successfully updated!")
|
||||||
fmt.Println("[upgrade] Now you should go ahead and upgrade the kubelet package using your package manager.")
|
fmt.Println("[upgrade] Now you should go ahead and upgrade the kubelet package using your package manager.")
|
||||||
return nil
|
return nil
|
||||||
|
|||||||
@ -20,7 +20,6 @@ import (
|
|||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
@ -69,12 +68,6 @@ func PerformPostUpgradeTasks(client clientset.Interface, cfg *kubeadmapi.InitCon
|
|||||||
errs = append(errs, err)
|
errs = append(errs, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: Temporary workaround. Remove in 1.25:
|
|
||||||
// https://github.com/kubernetes/kubeadm/issues/2426
|
|
||||||
if err := UpdateKubeletDynamicEnvFileWithURLScheme(dryRun); err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
// Annotate the node with the crisocket information, sourced either from the InitConfiguration struct or
|
// Annotate the node with the crisocket information, sourced either from the InitConfiguration struct or
|
||||||
// --cri-socket.
|
// --cri-socket.
|
||||||
// TODO: In the future we want to use something more official like NodeStatus or similar for detecting this properly
|
// TODO: In the future we want to use something more official like NodeStatus or similar for detecting this properly
|
||||||
@ -274,29 +267,6 @@ func AddNewControlPlaneTaint(client clientset.Interface) error {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// UpdateKubeletDynamicEnvFileWithURLScheme reads the kubelet dynamic environment file
|
|
||||||
// from disk, ensure that the CRI endpoint flag has a scheme prefix and writes it
|
|
||||||
// back to disk.
|
|
||||||
// TODO: Temporary workaround. Remove in 1.25:
|
|
||||||
// https://github.com/kubernetes/kubeadm/issues/2426
|
|
||||||
func UpdateKubeletDynamicEnvFileWithURLScheme(dryRun bool) error {
|
|
||||||
filePath := filepath.Join(kubeadmconstants.KubeletRunDirectory, kubeadmconstants.KubeletEnvFileName)
|
|
||||||
if dryRun {
|
|
||||||
fmt.Printf("[upgrade] Would ensure that %q includes a CRI endpoint URL scheme\n", filePath)
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
klog.V(2).Infof("Ensuring that %q includes a CRI endpoint URL scheme", filePath)
|
|
||||||
bytes, err := os.ReadFile(filePath)
|
|
||||||
if err != nil {
|
|
||||||
return errors.Wrapf(err, "failed to read kubelet configuration from file %q", filePath)
|
|
||||||
}
|
|
||||||
updated := updateKubeletDynamicEnvFileWithURLScheme(string(bytes))
|
|
||||||
if err := os.WriteFile(filePath, []byte(updated), 0644); err != nil {
|
|
||||||
return errors.Wrapf(err, "failed to write kubelet configuration to the file %q", filePath)
|
|
||||||
}
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func updateKubeletDynamicEnvFileWithURLScheme(str string) string {
|
func updateKubeletDynamicEnvFileWithURLScheme(str string) string {
|
||||||
const (
|
const (
|
||||||
flag = "container-runtime-endpoint"
|
flag = "container-runtime-endpoint"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user