github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-04 01:40:07 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #120263 from elmiko/enable-ccm-gce-ci

Browse Source 
Use cloud-controller-manager by default on CI
This commit is contained in:
Kubernetes Prow Robot 2023-08-31 14:12:30 -07:00 committed by GitHub
commit 6c1f6d55ad
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 26 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
cluster/gce/config-default.sh
View File

@ -256,11 +256,6 @@ if [[ "${KUBE_FEATURE_GATES:-}" == "AllAlpha=true" ]]; then
export RUNTIME_CONFIG="${KUBE_RUNTIME_CONFIG:-api/all=true}" export RUNTIME_CONFIG="${KUBE_RUNTIME_CONFIG:-api/all=true}"
fi fi
# If feature gates includes AllAlpha or EndpointSlice, and EndpointSlice has not been disabled, add EndpointSlice controller to list of controllers to run.
if [[ (( "${KUBE_FEATURE_GATES:-}" == *"AllAlpha=true"* ) || ( "${KUBE_FEATURE_GATES:-}" == *"EndpointSlice=true"* )) && "${KUBE_FEATURE_GATES:-}" != *"EndpointSlice=false"* ]]; then
RUN_CONTROLLERS="${RUN_CONTROLLERS:-*,endpointslice}"
fi
# By default disable gkenetworkparamset controller in CCM # By default disable gkenetworkparamset controller in CCM
RUN_CCM_CONTROLLERS="${RUN_CCM_CONTROLLERS:-*,-gkenetworkparamset}" RUN_CCM_CONTROLLERS="${RUN_CCM_CONTROLLERS:-*,-gkenetworkparamset}"
@ -556,7 +551,7 @@ export TLS_CIPHER_SUITES=""
# CLOUD_PROVIDER_FLAG defines the cloud-provider value presented to KCM, apiserver, # CLOUD_PROVIDER_FLAG defines the cloud-provider value presented to KCM, apiserver,
# and kubelet # and kubelet
export CLOUD_PROVIDER_FLAG="${CLOUD_PROVIDER_FLAG:-gce}" export CLOUD_PROVIDER_FLAG="${CLOUD_PROVIDER_FLAG:-external}"
# When ENABLE_AUTH_PROVIDER_GCP is set, following flags for out-of-tree credential provider for GCP # When ENABLE_AUTH_PROVIDER_GCP is set, following flags for out-of-tree credential provider for GCP
# are presented to kubelet: # are presented to kubelet:
@ -564,4 +559,13 @@ export CLOUD_PROVIDER_FLAG="${CLOUD_PROVIDER_FLAG:-gce}"
# --image-credential-provider-bin-dir=${path-to-auth-provider-binary} # --image-credential-provider-bin-dir=${path-to-auth-provider-binary}
# Also, it is required that DisableKubeletCloudCredentialProviders # Also, it is required that DisableKubeletCloudCredentialProviders
# feature gates are set to true for kubelet to use external credential provider. # feature gates are set to true for kubelet to use external credential provider.
ENABLE_AUTH_PROVIDER_GCP="${ENABLE_AUTH_PROVIDER_GCP:-false}" export ENABLE_AUTH_PROVIDER_GCP="${ENABLE_AUTH_PROVIDER_GCP:-false}"
# External cloud provider requires ENABLE_AUTH_PROVIDER_GCP and feature flags
# DisableKubeletCloudCredentialProviders and DisableCloudProviders
if [[ "${CLOUD_PROVIDER_FLAG:-}" == "external" ]]; then
export ENABLE_AUTH_PROVIDER_GCP=true
if [[ -n "${FEATURE_GATES:-DisableKubeletCloudCredentialProviders=True,DisableCloudProviders=True}" ]]; then
export FEATURE_GATES="${FEATURE_GATES},DisableKubeletCloudCredentialProviders=True,DisableCloudProviders=True"
fi
fi

18
cluster/gce/config-test.sh
View File

@ -157,11 +157,6 @@ if [[ "${KUBE_FEATURE_GATES:-}" = 'AllAlpha=true' ]]; then
RUNTIME_CONFIG=${KUBE_RUNTIME_CONFIG:-api/all=true} RUNTIME_CONFIG=${KUBE_RUNTIME_CONFIG:-api/all=true}
fi fi
# If feature gates includes AllAlpha or EndpointSlice, and EndpointSlice has not been disabled, add EndpointSlice controller to list of controllers to run.
if [[ (( "${KUBE_FEATURE_GATES:-}" = *"AllAlpha=true"* ) || ( "${KUBE_FEATURE_GATES:-}" = *"EndpointSlice=true"* )) && "${KUBE_FEATURE_GATES:-}" != *"EndpointSlice=false"* ]]; then
RUN_CONTROLLERS=${RUN_CONTROLLERS:-*,endpointslice}
fi
# By default disable gkenetworkparamset controller in CCM # By default disable gkenetworkparamset controller in CCM
RUN_CCM_CONTROLLERS="${RUN_CCM_CONTROLLERS:-*,-gkenetworkparamset}" RUN_CCM_CONTROLLERS="${RUN_CCM_CONTROLLERS:-*,-gkenetworkparamset}"
@ -605,7 +600,7 @@ export TLS_CIPHER_SUITES=""
# CLOUD_PROVIDER_FLAG defines the cloud-provider value presented to KCM, apiserver, # CLOUD_PROVIDER_FLAG defines the cloud-provider value presented to KCM, apiserver,
# and kubelet # and kubelet
export CLOUD_PROVIDER_FLAG="${CLOUD_PROVIDER_FLAG:-gce}" export CLOUD_PROVIDER_FLAG="${CLOUD_PROVIDER_FLAG:-external}"
# When ENABLE_AUTH_PROVIDER_GCP is set, following flags for out-of-tree credential provider for GCP # When ENABLE_AUTH_PROVIDER_GCP is set, following flags for out-of-tree credential provider for GCP
# are presented to kubelet: # are presented to kubelet:
@ -613,4 +608,13 @@ export CLOUD_PROVIDER_FLAG="${CLOUD_PROVIDER_FLAG:-gce}"
# --image-credential-provider-bin-dir=${path-to-auth-provider-binary} # --image-credential-provider-bin-dir=${path-to-auth-provider-binary}
# Also, it is required that DisableKubeletCloudCredentialProviders and KubeletCredentialProviders # Also, it is required that DisableKubeletCloudCredentialProviders and KubeletCredentialProviders
# feature gates are set to true for kubelet to use external credential provider. # feature gates are set to true for kubelet to use external credential provider.
ENABLE_AUTH_PROVIDER_GCP="${ENABLE_AUTH_PROVIDER_GCP:-true}" export ENABLE_AUTH_PROVIDER_GCP="${ENABLE_AUTH_PROVIDER_GCP:-false}"
# External cloud provider requires ENABLE_AUTH_PROVIDER_GCP and feature flags
# DisableKubeletCloudCredentialProviders and DisableCloudProviders
if [[ "${CLOUD_PROVIDER_FLAG:-}" == "external" ]]; then
export ENABLE_AUTH_PROVIDER_GCP=true
if [[ -n "${FEATURE_GATES:-DisableKubeletCloudCredentialProviders=True,DisableCloudProviders=True}" ]]; then
export FEATURE_GATES="${FEATURE_GATES},DisableKubeletCloudCredentialProviders=True,DisableCloudProviders=True"
fi
fi

4
cluster/gce/gci/configure-helper.sh
View File

@ -2157,7 +2157,7 @@ function start-kube-controller-manager {
local params=("${CONTROLLER_MANAGER_TEST_LOG_LEVEL:-"--v=2"}" "${CONTROLLER_MANAGER_TEST_ARGS:-}" "${CLOUD_CONFIG_OPT}") local params=("${CONTROLLER_MANAGER_TEST_LOG_LEVEL:-"--v=2"}" "${CONTROLLER_MANAGER_TEST_ARGS:-}" "${CLOUD_CONFIG_OPT}")
local config_path='/etc/srv/kubernetes/kube-controller-manager/kubeconfig' local config_path='/etc/srv/kubernetes/kube-controller-manager/kubeconfig'
params+=("--use-service-account-credentials") params+=("--use-service-account-credentials")
params+=("--cloud-provider=${CLOUD_PROVIDER_FLAG:-gce}") params+=("--cloud-provider=${CLOUD_PROVIDER_FLAG:-external}")
params+=("--kubeconfig=${config_path}" "--authentication-kubeconfig=${config_path}" "--authorization-kubeconfig=${config_path}") params+=("--kubeconfig=${config_path}" "--authentication-kubeconfig=${config_path}" "--authorization-kubeconfig=${config_path}")
params+=("--root-ca-file=${CA_CERT_BUNDLE_PATH}") params+=("--root-ca-file=${CA_CERT_BUNDLE_PATH}")
params+=("--service-account-private-key-file=${SERVICEACCOUNT_KEY_PATH}") params+=("--service-account-private-key-file=${SERVICEACCOUNT_KEY_PATH}")
@ -3572,7 +3572,7 @@ function main() {
log-wrap 'StartKonnectivityServer' start-konnectivity-server log-wrap 'StartKonnectivityServer' start-konnectivity-server
fi fi
log-wrap 'StartKubeControllerManager' start-kube-controller-manager log-wrap 'StartKubeControllerManager' start-kube-controller-manager
if [[ "${CLOUD_PROVIDER_FLAG:-gce}" == "external" ]]; then if [[ "${CLOUD_PROVIDER_FLAG:-external}" == "external" ]]; then
log-wrap 'StartCloudControllerManager' start-cloud-controller-manager log-wrap 'StartCloudControllerManager' start-cloud-controller-manager
fi fi
log-wrap 'StartKubeScheduler' start-kube-scheduler log-wrap 'StartKubeScheduler' start-kube-scheduler

2
cluster/gce/gci/configure-kubeapiserver.sh
View File

@ -68,7 +68,7 @@ function start-kube-apiserver {
# Calculate variables and assemble the command line. # Calculate variables and assemble the command line.
local params="${API_SERVER_TEST_LOG_LEVEL:-"--v=2"} ${APISERVER_TEST_ARGS:-} ${CLOUD_CONFIG_OPT}" local params="${API_SERVER_TEST_LOG_LEVEL:-"--v=2"} ${APISERVER_TEST_ARGS:-} ${CLOUD_CONFIG_OPT}"
params+=" --allow-privileged=true" params+=" --allow-privileged=true"
params+=" --cloud-provider=${CLOUD_PROVIDER_FLAG:-gce}" params+=" --cloud-provider=${CLOUD_PROVIDER_FLAG:-external}"
params+=" --client-ca-file=${CA_CERT_BUNDLE_PATH}" params+=" --client-ca-file=${CA_CERT_BUNDLE_PATH}"
# params is passed by reference, so no "$" # params is passed by reference, so no "$"

2
cluster/gce/util.sh
View File

@ -745,7 +745,7 @@ function yaml-map-string-string {
# Returns kubelet flags used on both Linux and Windows nodes. # Returns kubelet flags used on both Linux and Windows nodes.
function construct-common-kubelet-flags { function construct-common-kubelet-flags {
local flags="${KUBELET_TEST_LOG_LEVEL:-"--v=2"} ${KUBELET_TEST_ARGS:-}" local flags="${KUBELET_TEST_LOG_LEVEL:-"--v=2"} ${KUBELET_TEST_ARGS:-}"
flags+=" --cloud-provider=${CLOUD_PROVIDER_FLAG:-gce}" flags+=" --cloud-provider=${CLOUD_PROVIDER_FLAG:-external}"
# TODO(mtaufen): ROTATE_CERTIFICATES seems unused; delete it? # TODO(mtaufen): ROTATE_CERTIFICATES seems unused; delete it?
if [[ -n "${ROTATE_CERTIFICATES:-}" ]]; then if [[ -n "${ROTATE_CERTIFICATES:-}" ]]; then
flags+=" --rotate-certificates=true" flags+=" --rotate-certificates=true"