From 8dcb980c6c91d295d077e8dde5157201c2820e7e Mon Sep 17 00:00:00 2001 From: "Lubomir I. Ivanov" Date: Sat, 7 Jul 2018 05:01:31 +0300 Subject: [PATCH] kubeadm: run kube-proxy on non-master tainted nodes kube-proxy should be able to run on all nodes, independent on the taint of such nodes. This restriction was previously removed in bb28449e31ee17 but then was brought back in d1949261ab71. Also, annotate with: scheduler.alpha.kubernetes.io/critical-pod: "" and add a class in the template spec: priorityClassName: system-node-critical --- cmd/kubeadm/app/phases/addons/proxy/BUILD | 1 - cmd/kubeadm/app/phases/addons/proxy/manifests.go | 6 ++++-- cmd/kubeadm/app/phases/addons/proxy/proxy.go | 4 +--- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/cmd/kubeadm/app/phases/addons/proxy/BUILD b/cmd/kubeadm/app/phases/addons/proxy/BUILD index 2fee37922a4..8b88308ca2b 100644 --- a/cmd/kubeadm/app/phases/addons/proxy/BUILD +++ b/cmd/kubeadm/app/phases/addons/proxy/BUILD @@ -35,7 +35,6 @@ go_library( deps = [ "//cmd/kubeadm/app/apis/kubeadm:go_default_library", "//cmd/kubeadm/app/componentconfigs:go_default_library", - "//cmd/kubeadm/app/constants:go_default_library", "//cmd/kubeadm/app/util:go_default_library", "//cmd/kubeadm/app/util/apiclient:go_default_library", "//staging/src/k8s.io/api/apps/v1:go_default_library", diff --git a/cmd/kubeadm/app/phases/addons/proxy/manifests.go b/cmd/kubeadm/app/phases/addons/proxy/manifests.go index ef3a1512b14..77caea96f8a 100644 --- a/cmd/kubeadm/app/phases/addons/proxy/manifests.go +++ b/cmd/kubeadm/app/phases/addons/proxy/manifests.go @@ -69,7 +69,10 @@ spec: metadata: labels: k8s-app: kube-proxy + annotations: + scheduler.alpha.kubernetes.io/critical-pod: "" spec: + priorityClassName: system-node-critical containers: - name: kube-proxy image: {{ if .ImageOverride }}{{ .ImageOverride }}{{ else }}{{ .ImageRepository }}/kube-proxy-{{ .Arch }}:{{ .Version }}{{ end }} @@ -104,8 +107,7 @@ spec: tolerations: - key: CriticalAddonsOnly operator: Exists - - key: {{ .MasterTaintKey }} - effect: NoSchedule + - operator: Exists nodeSelector: beta.kubernetes.io/arch: {{ .Arch }} ` diff --git a/cmd/kubeadm/app/phases/addons/proxy/proxy.go b/cmd/kubeadm/app/phases/addons/proxy/proxy.go index 3db1d91cd67..931ed486a69 100644 --- a/cmd/kubeadm/app/phases/addons/proxy/proxy.go +++ b/cmd/kubeadm/app/phases/addons/proxy/proxy.go @@ -30,7 +30,6 @@ import ( clientsetscheme "k8s.io/client-go/kubernetes/scheme" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" "k8s.io/kubernetes/cmd/kubeadm/app/componentconfigs" - kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util" "k8s.io/kubernetes/cmd/kubeadm/app/util/apiclient" ) @@ -74,12 +73,11 @@ func EnsureProxyAddon(cfg *kubeadmapi.InitConfiguration, client clientset.Interf if err != nil { return fmt.Errorf("error when parsing kube-proxy configmap template: %v", err) } - proxyDaemonSetBytes, err = kubeadmutil.ParseTemplate(KubeProxyDaemonSet19, struct{ ImageRepository, Arch, Version, ImageOverride, MasterTaintKey string }{ + proxyDaemonSetBytes, err = kubeadmutil.ParseTemplate(KubeProxyDaemonSet19, struct{ ImageRepository, Arch, Version, ImageOverride string }{ ImageRepository: cfg.GetControlPlaneImageRepository(), Arch: runtime.GOARCH, Version: kubeadmutil.KubernetesVersionToImageTag(cfg.KubernetesVersion), ImageOverride: cfg.UnifiedControlPlaneImage, - MasterTaintKey: kubeadmconstants.LabelNodeRoleMaster, }) if err != nil { return fmt.Errorf("error when parsing kube-proxy daemonset template: %v", err)