From 4a9703a219810eed76934e8f5a6504ca2562a657 Mon Sep 17 00:00:00 2001 From: JD Nurme Date: Tue, 9 Nov 2021 00:45:34 +0000 Subject: [PATCH 1/2] Added env variable for cloud-provider --- cluster/gce/config-default.sh | 4 ++++ cluster/gce/config-test.sh | 4 ++++ cluster/gce/gci/configure-helper.sh | 2 +- cluster/gce/gci/configure-kubeapiserver.sh | 2 +- cluster/gce/util.sh | 2 +- 5 files changed, 11 insertions(+), 3 deletions(-) diff --git a/cluster/gce/config-default.sh b/cluster/gce/config-default.sh index fc9ccde1670..dbb0ce62359 100755 --- a/cluster/gce/config-default.sh +++ b/cluster/gce/config-default.sh @@ -567,3 +567,7 @@ export WINDOWS_ENABLE_HYPERV="${WINDOWS_ENABLE_HYPERV:-false}" # TLS_CIPHER_SUITES defines cipher suites allowed to be used by kube-apiserver. # If this variable is unset or empty, kube-apiserver will allow its default set of cipher suites. export TLS_CIPHER_SUITES="" + +# CLOUD_PROVIDER defines the cloud-provider value presented to KCM, apiserver, +# and kubelet +export CLOUD_PROVIDER="${CLOUD_PROVIDER:-gce}" diff --git a/cluster/gce/config-test.sh b/cluster/gce/config-test.sh index a53c2b2c2b1..0672007456e 100755 --- a/cluster/gce/config-test.sh +++ b/cluster/gce/config-test.sh @@ -615,3 +615,7 @@ export WINDOWS_NODE_PROBLEM_DETECTOR_CUSTOM_FLAGS="${WINDOWS_NODE_PROBLEM_DETECT # TLS_CIPHER_SUITES defines cipher suites allowed to be used by kube-apiserver. # If this variable is unset or empty, kube-apiserver will allow its default set of cipher suites. export TLS_CIPHER_SUITES="" + +# CLOUD_PROVIDER defines the cloud-provider value presented to KCM, apiserver, +# and kubelet +export CLOUD_PROVIDER="${CLOUD_PROVIDER:-gce}" diff --git a/cluster/gce/gci/configure-helper.sh b/cluster/gce/gci/configure-helper.sh index 358811cf615..ed1387901f0 100644 --- a/cluster/gce/gci/configure-helper.sh +++ b/cluster/gce/gci/configure-helper.sh @@ -2115,7 +2115,7 @@ function start-kube-controller-manager { local params=("${CONTROLLER_MANAGER_TEST_LOG_LEVEL:-"--v=2"}" "${CONTROLLER_MANAGER_TEST_ARGS:-}" "${CLOUD_CONFIG_OPT}") local config_path='/etc/srv/kubernetes/kube-controller-manager/kubeconfig' params+=("--use-service-account-credentials") - params+=("--cloud-provider=gce") + params+=("--cloud-provider=${CLOUD_PROVIDER:-gce}") params+=("--kubeconfig=${config_path}" "--authentication-kubeconfig=${config_path}" "--authorization-kubeconfig=${config_path}") params+=("--root-ca-file=${CA_CERT_BUNDLE_PATH}") params+=("--service-account-private-key-file=${SERVICEACCOUNT_KEY_PATH}") diff --git a/cluster/gce/gci/configure-kubeapiserver.sh b/cluster/gce/gci/configure-kubeapiserver.sh index 2fc9461aad9..fdd172310c1 100644 --- a/cluster/gce/gci/configure-kubeapiserver.sh +++ b/cluster/gce/gci/configure-kubeapiserver.sh @@ -69,7 +69,7 @@ function start-kube-apiserver { local params="${API_SERVER_TEST_LOG_LEVEL:-"--v=2"} ${APISERVER_TEST_ARGS:-} ${CLOUD_CONFIG_OPT}" params+=" --address=127.0.0.1" params+=" --allow-privileged=true" - params+=" --cloud-provider=gce" + params+=" --cloud-provider=${CLOUD_PROVIDER:-gce}" params+=" --client-ca-file=${CA_CERT_BUNDLE_PATH}" # params is passed by reference, so no "$" diff --git a/cluster/gce/util.sh b/cluster/gce/util.sh index 8cc89894f06..5925b747ecd 100755 --- a/cluster/gce/util.sh +++ b/cluster/gce/util.sh @@ -740,7 +740,7 @@ function yaml-map-string-string { # Returns kubelet flags used on both Linux and Windows nodes. function construct-common-kubelet-flags { local flags="${KUBELET_TEST_LOG_LEVEL:-"--v=2"} ${KUBELET_TEST_ARGS:-}" - flags+=" --cloud-provider=gce" + flags+=" --cloud-provider=${CLOUD_PROVIDER:-gce}" # TODO(mtaufen): ROTATE_CERTIFICATES seems unused; delete it? if [[ -n "${ROTATE_CERTIFICATES:-}" ]]; then flags+=" --rotate-certificates=true" From 30fabbc0cbcf946c43dbac31bf7d13e5ba7e4415 Mon Sep 17 00:00:00 2001 From: JD Nurme Date: Thu, 6 Jan 2022 19:51:17 +0000 Subject: [PATCH 2/2] updated flag name --- cluster/gce/config-default.sh | 4 ++-- cluster/gce/config-test.sh | 4 ++-- cluster/gce/gci/configure-helper.sh | 2 +- cluster/gce/gci/configure-kubeapiserver.sh | 2 +- cluster/gce/util.sh | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/cluster/gce/config-default.sh b/cluster/gce/config-default.sh index dbb0ce62359..c7b4883f27f 100755 --- a/cluster/gce/config-default.sh +++ b/cluster/gce/config-default.sh @@ -568,6 +568,6 @@ export WINDOWS_ENABLE_HYPERV="${WINDOWS_ENABLE_HYPERV:-false}" # If this variable is unset or empty, kube-apiserver will allow its default set of cipher suites. export TLS_CIPHER_SUITES="" -# CLOUD_PROVIDER defines the cloud-provider value presented to KCM, apiserver, +# CLOUD_PROVIDER_FLAG defines the cloud-provider value presented to KCM, apiserver, # and kubelet -export CLOUD_PROVIDER="${CLOUD_PROVIDER:-gce}" +export CLOUD_PROVIDER_FLAG="${CLOUD_PROVIDER_FLAG:-gce}" diff --git a/cluster/gce/config-test.sh b/cluster/gce/config-test.sh index 0672007456e..d7624d13591 100755 --- a/cluster/gce/config-test.sh +++ b/cluster/gce/config-test.sh @@ -616,6 +616,6 @@ export WINDOWS_NODE_PROBLEM_DETECTOR_CUSTOM_FLAGS="${WINDOWS_NODE_PROBLEM_DETECT # If this variable is unset or empty, kube-apiserver will allow its default set of cipher suites. export TLS_CIPHER_SUITES="" -# CLOUD_PROVIDER defines the cloud-provider value presented to KCM, apiserver, +# CLOUD_PROVIDER_FLAG defines the cloud-provider value presented to KCM, apiserver, # and kubelet -export CLOUD_PROVIDER="${CLOUD_PROVIDER:-gce}" +export CLOUD_PROVIDER_FLAG="${CLOUD_PROVIDER_FLAG:-gce}" diff --git a/cluster/gce/gci/configure-helper.sh b/cluster/gce/gci/configure-helper.sh index ed1387901f0..1c35f2e3bf6 100644 --- a/cluster/gce/gci/configure-helper.sh +++ b/cluster/gce/gci/configure-helper.sh @@ -2115,7 +2115,7 @@ function start-kube-controller-manager { local params=("${CONTROLLER_MANAGER_TEST_LOG_LEVEL:-"--v=2"}" "${CONTROLLER_MANAGER_TEST_ARGS:-}" "${CLOUD_CONFIG_OPT}") local config_path='/etc/srv/kubernetes/kube-controller-manager/kubeconfig' params+=("--use-service-account-credentials") - params+=("--cloud-provider=${CLOUD_PROVIDER:-gce}") + params+=("--cloud-provider=${CLOUD_PROVIDER_FLAG:-gce}") params+=("--kubeconfig=${config_path}" "--authentication-kubeconfig=${config_path}" "--authorization-kubeconfig=${config_path}") params+=("--root-ca-file=${CA_CERT_BUNDLE_PATH}") params+=("--service-account-private-key-file=${SERVICEACCOUNT_KEY_PATH}") diff --git a/cluster/gce/gci/configure-kubeapiserver.sh b/cluster/gce/gci/configure-kubeapiserver.sh index fdd172310c1..7616a29c063 100644 --- a/cluster/gce/gci/configure-kubeapiserver.sh +++ b/cluster/gce/gci/configure-kubeapiserver.sh @@ -69,7 +69,7 @@ function start-kube-apiserver { local params="${API_SERVER_TEST_LOG_LEVEL:-"--v=2"} ${APISERVER_TEST_ARGS:-} ${CLOUD_CONFIG_OPT}" params+=" --address=127.0.0.1" params+=" --allow-privileged=true" - params+=" --cloud-provider=${CLOUD_PROVIDER:-gce}" + params+=" --cloud-provider=${CLOUD_PROVIDER_FLAG:-gce}" params+=" --client-ca-file=${CA_CERT_BUNDLE_PATH}" # params is passed by reference, so no "$" diff --git a/cluster/gce/util.sh b/cluster/gce/util.sh index 5925b747ecd..34e0e0e8bd3 100755 --- a/cluster/gce/util.sh +++ b/cluster/gce/util.sh @@ -740,7 +740,7 @@ function yaml-map-string-string { # Returns kubelet flags used on both Linux and Windows nodes. function construct-common-kubelet-flags { local flags="${KUBELET_TEST_LOG_LEVEL:-"--v=2"} ${KUBELET_TEST_ARGS:-}" - flags+=" --cloud-provider=${CLOUD_PROVIDER:-gce}" + flags+=" --cloud-provider=${CLOUD_PROVIDER_FLAG:-gce}" # TODO(mtaufen): ROTATE_CERTIFICATES seems unused; delete it? if [[ -n "${ROTATE_CERTIFICATES:-}" ]]; then flags+=" --rotate-certificates=true"