kubeadm: Set the kubelet --resolv-conf flag conditionally on init

Fixes https://github.com/kubernetes/kubeadm/issues/845
This commit is contained in:
leigh schrandt 2018-06-02 23:45:48 -06:00
parent 0ecfd343b3
commit b7df5cd2f8
4 changed files with 8 additions and 32 deletions

View File

@ -19,6 +19,7 @@ go_library(
"//pkg/apis/rbac/v1:go_default_library",
"//pkg/kubelet/apis/kubeletconfig/scheme:go_default_library",
"//pkg/kubelet/apis/kubeletconfig/v1beta1:go_default_library",
"//pkg/util/procfs:go_default_library",
"//pkg/util/version:go_default_library",
"//vendor/github.com/golang/glog:go_default_library",
"//vendor/k8s.io/api/core/v1:go_default_library",

View File

@ -28,6 +28,7 @@ import (
kubeadmapiv1alpha2 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1alpha2"
"k8s.io/kubernetes/cmd/kubeadm/app/constants"
kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util"
"k8s.io/kubernetes/pkg/util/procfs"
utilsexec "k8s.io/utils/exec"
)
@ -72,8 +73,12 @@ func buildKubeletArgMap(nodeRegOpts *kubeadmapi.NodeRegistrationOptions, registe
kubeletFlags["register-with-taints"] = strings.Join(taintStrs, ",")
}
if pids, _ := procfs.PidOf("systemd-resolved"); len(pids) > 0 {
// procfs.PidOf only returns an error if the regex is empty or doesn't compile, so we can ignore it
kubeletFlags["resolv-conf"] = "/run/systemd/resolve/resolv.conf"
}
// TODO: Pass through --hostname-override if a custom name is used?
// TODO: Check if `systemd-resolved` is running, and set `--resolv-conf` based on that
// TODO: Conditionally set `--cgroup-driver` to either `systemd` or `cgroupfs` for CRI other than Docker
return kubeletFlags

View File

@ -57,7 +57,6 @@ go_library(
"//pkg/registry/core/service/ipallocator:go_default_library",
"//pkg/util/initsystem:go_default_library",
"//pkg/util/ipvs:go_default_library",
"//pkg/util/procfs:go_default_library",
"//pkg/util/version:go_default_library",
"//pkg/version:go_default_library",
"//test/e2e_node/system:go_default_library",

View File

@ -51,7 +51,6 @@ import (
"k8s.io/kubernetes/pkg/registry/core/service/ipallocator"
"k8s.io/kubernetes/pkg/util/initsystem"
ipvsutil "k8s.io/kubernetes/pkg/util/ipvs"
"k8s.io/kubernetes/pkg/util/procfs"
versionutil "k8s.io/kubernetes/pkg/util/version"
kubeadmversion "k8s.io/kubernetes/pkg/version"
"k8s.io/kubernetes/test/e2e_node/system"
@ -830,33 +829,6 @@ func getEtcdVersionResponse(client *http.Client, url string, target interface{})
return err
}
// ResolveCheck tests for potential issues related to the system resolver configuration
type ResolveCheck struct{}
// Name returns label for ResolveCheck
func (ResolveCheck) Name() string {
return "Resolve"
}
// Check validates the system resolver configuration
func (ResolveCheck) Check() (warnings, errors []error) {
glog.V(1).Infoln("validating the system resolver configuration")
warnings = []error{}
// procfs.PidOf only returns an error if the string passed is empty
// or there is an issue compiling the regex, so we can ignore it here
pids, _ := procfs.PidOf("systemd-resolved")
if len(pids) > 0 {
warnings = append(warnings, fmt.Errorf(
"systemd-resolved was detected, for cluster dns resolution to work "+
"properly --resolv-conf=/run/systemd/resolve/resolv.conf must be set "+
"for the kubelet. (/etc/systemd/system/kubelet.service.d/10-kubeadm.conf should be edited for this purpose)\n"))
}
return warnings, errors
}
// ImagePullCheck will pull container images used by kubeadm
type ImagePullCheck struct {
Images images.Images
@ -1011,8 +983,7 @@ func addCommonChecks(execer utilsexec.Interface, cfg kubeadmapi.CommonConfigurat
InPathCheck{executable: "ethtool", mandatory: false, exec: execer},
InPathCheck{executable: "socat", mandatory: false, exec: execer},
InPathCheck{executable: "tc", mandatory: false, exec: execer},
InPathCheck{executable: "touch", mandatory: false, exec: execer},
ResolveCheck{})
InPathCheck{executable: "touch", mandatory: false, exec: execer})
}
checks = append(checks,
SystemVerificationCheck{CRISocket: cfg.GetCRISocket()},