From 37aa219fff41d3380d8b96a4640df0c98a2ce9a7 Mon Sep 17 00:00:00 2001 From: Rob Scott Date: Fri, 15 Nov 2019 14:28:41 -0800 Subject: [PATCH] Disabling EndpointSlice feature gate by default Given the significance this change would have we've decided to hold off on enabling this by default until we can have better test coverage and more real world usage of the feature. --- pkg/features/kube_features.go | 2 +- .../testdata/cluster-roles.yaml | 7 ---- .../testdata/controller-role-bindings.yaml | 17 -------- .../testdata/controller-roles.yaml | 39 ------------------- 4 files changed, 1 insertion(+), 64 deletions(-) diff --git a/pkg/features/kube_features.go b/pkg/features/kube_features.go index 741c491e17c..99be157f3f8 100644 --- a/pkg/features/kube_features.go +++ b/pkg/features/kube_features.go @@ -624,7 +624,7 @@ var defaultKubernetesFeatureGates = map[featuregate.Feature]featuregate.FeatureS VolumePVCDataSource: {Default: true, PreRelease: featuregate.Beta}, PodOverhead: {Default: false, PreRelease: featuregate.Alpha}, IPv6DualStack: {Default: false, PreRelease: featuregate.Alpha}, - EndpointSlice: {Default: true, PreRelease: featuregate.Beta}, + EndpointSlice: {Default: false, PreRelease: featuregate.Beta}, EvenPodsSpread: {Default: false, PreRelease: featuregate.Alpha}, StartupProbe: {Default: false, PreRelease: featuregate.Alpha}, AllowInsecureBackendProxy: {Default: true, PreRelease: featuregate.Beta}, diff --git a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml index ad6468a53d2..a6fec3d54cb 100644 --- a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml +++ b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml @@ -1051,13 +1051,6 @@ items: - create - patch - update - - apiGroups: - - discovery.k8s.io - resources: - - endpointslices - verbs: - - list - - watch - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/controller-role-bindings.yaml b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/controller-role-bindings.yaml index 8a1ab919472..6d5cb73e50d 100644 --- a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/controller-role-bindings.yaml +++ b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/controller-role-bindings.yaml @@ -136,23 +136,6 @@ items: - kind: ServiceAccount name: endpoint-controller namespace: kube-system -- apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - annotations: - rbac.authorization.kubernetes.io/autoupdate: "true" - creationTimestamp: null - labels: - kubernetes.io/bootstrapping: rbac-defaults - name: system:controller:endpointslice-controller - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:controller:endpointslice-controller - subjects: - - kind: ServiceAccount - name: endpointslice-controller - namespace: kube-system - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: diff --git a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/controller-roles.yaml b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/controller-roles.yaml index b47b6c69d22..969d81fe10b 100644 --- a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/controller-roles.yaml +++ b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/controller-roles.yaml @@ -447,45 +447,6 @@ items: - create - patch - update -- apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - annotations: - rbac.authorization.kubernetes.io/autoupdate: "true" - creationTimestamp: null - labels: - kubernetes.io/bootstrapping: rbac-defaults - name: system:controller:endpointslice-controller - rules: - - apiGroups: - - "" - resources: - - nodes - - pods - - services - verbs: - - get - - list - - watch - - apiGroups: - - discovery.k8s.io - resources: - - endpointslices - verbs: - - create - - delete - - get - - list - - update - - apiGroups: - - "" - - events.k8s.io - resources: - - events - verbs: - - create - - patch - - update - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: