From d14c27a347e6aa9fe8af31ec84e331202d07de1b Mon Sep 17 00:00:00 2001 From: "Rostislav M. Georgiev" Date: Fri, 12 Oct 2018 18:14:57 +0300 Subject: [PATCH] kubeadm: Control plane config moved to substructs In v1alpha3, control plane component config options were nested directly into the ClusterConfiguration structure. This clutters the config structure and makes it hard to maintain. Therefore the control plane config options must be separated into different substructures in order to graduate the format to beta. This change does the following: - Introduces a new structure called ControlPlaneComponent that contains fields common to all control plane component types. These are currently extra args and extra volumes. - Introduces a new structure called APIServer that contains ControlPlaneComponent and the APIServerCertSANs field (from ClusterConfiguration) - Replaces all API Server, Scheduler and Controller Manager options in ClusterConfiguration with APIServer, ControllerManager and Scheduler fields of APIServer and ControlPlaneComponent types. 
Signed-off-by: Rostislav M. Georgiev --- cmd/kubeadm/app/apis/kubeadm/types.go | 49 +++++---- .../app/apis/kubeadm/v1alpha3/conversion.go | 38 +++++++ .../v1alpha3/zz_generated.conversion.go | 44 ++++---- cmd/kubeadm/app/apis/kubeadm/v1beta1/doc.go | 79 +++++++------- cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go | 48 ++++----- .../v1beta1/zz_generated.conversion.go | 100 +++++++++++++++--- .../kubeadm/v1beta1/zz_generated.deepcopy.go | 94 +++++++++------- .../app/apis/kubeadm/validation/validation.go | 9 +- .../app/apis/kubeadm/zz_generated.deepcopy.go | 94 +++++++++------- cmd/kubeadm/app/cmd/init.go | 2 +- cmd/kubeadm/app/cmd/upgrade/common_test.go | 6 ++ cmd/kubeadm/app/phases/certs/doc.go | 2 +- .../app/phases/controlplane/manifests.go | 12 +-- .../app/phases/controlplane/manifests_test.go | 60 +++++++---- .../app/phases/controlplane/volumes.go | 6 +- .../app/phases/upgrade/staticpods_test.go | 5 +- cmd/kubeadm/app/util/config/common_test.go | 14 +-- .../app/util/config/initconfiguration.go | 2 +- .../testdata/conversion/master/internal.yaml | 19 ++-- .../testdata/conversion/master/v1beta1.yaml | 7 +- .../testdata/defaulting/master/defaulted.yaml | 3 + cmd/kubeadm/app/util/pkiutil/pki_helpers.go | 2 +- .../app/util/pkiutil/pki_helpers_test.go | 8 +- cmd/kubeadm/app/util/staticpod/utils.go | 4 +- cmd/kubeadm/app/util/staticpod/utils_test.go | 16 ++- 25 files changed, 456 insertions(+), 267 deletions(-) diff --git a/cmd/kubeadm/app/apis/kubeadm/types.go b/cmd/kubeadm/app/apis/kubeadm/types.go index e5d464e2539..3351c919511 100644 --- a/cmd/kubeadm/app/apis/kubeadm/types.go +++ b/cmd/kubeadm/app/apis/kubeadm/types.go 
@@ -81,33 +81,15 @@ type ClusterConfiguration struct { // could be used for assigning a stable DNS to the control plane. ControlPlaneEndpoint string - // APIServerExtraArgs is a set of extra flags to pass to the API Server or override - // default ones in form of =. - // TODO: This is temporary and ideally we would like to switch all components to - // use ComponentConfig + ConfigMaps. - APIServerExtraArgs map[string]string - // ControllerManagerExtraArgs is a set of extra flags to pass to the Controller Manager - // or override default ones in form of = - // TODO: This is temporary and ideally we would like to switch all components to - // use ComponentConfig + ConfigMaps. - ControllerManagerExtraArgs map[string]string - // SchedulerExtraArgs is a set of extra flags to pass to the Scheduler or override - // default ones in form of = - // TODO: This is temporary and ideally we would like to switch all components to - // use ComponentConfig + ConfigMaps. - SchedulerExtraArgs map[string]string + // APIServer contains extra settings for the API server control plane component + APIServer APIServer - // APIServerExtraVolumes is an extra set of host volumes mounted to the API server. - APIServerExtraVolumes []HostPathMount - // ControllerManagerExtraVolumes is an extra set of host volumes mounted to the - // Controller Manager. - ControllerManagerExtraVolumes []HostPathMount - // SchedulerExtraVolumes is an extra set of host volumes mounted to the scheduler. - SchedulerExtraVolumes []HostPathMount + // ControllerManager contains extra settings for the controller manager control plane component + ControllerManager ControlPlaneComponent + + // Scheduler contains extra settings for the scheduler control plane component + Scheduler ControlPlaneComponent - // APIServerCertSANs sets extra Subject Alternative Names for the API Server - // signing cert. - APIServerCertSANs []string // CertificatesDir specifies where to store or look for all required certificates. 
CertificatesDir string @@ -133,6 +115,23 @@ type ClusterConfiguration struct { ClusterName string } +// ControlPlaneComponent holds settings common to control plane component of the cluster +type ControlPlaneComponent struct { + // ExtraArgs is an extra set of flags to pass to the control plane component. + ExtraArgs map[string]string + + // ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + ExtraVolumes []HostPathMount +} + +// APIServer holds settings necessary for API server deployments in the cluster +type APIServer struct { + ControlPlaneComponent + + // CertSANs sets extra Subject Alternative Names for the API Server signing cert. + CertSANs []string +} + // ComponentConfigs holds known internal ComponentConfig types for other components type ComponentConfigs struct { // Kubelet holds the ComponentConfiguration for the kubelet diff --git a/cmd/kubeadm/app/apis/kubeadm/v1alpha3/conversion.go b/cmd/kubeadm/app/apis/kubeadm/v1alpha3/conversion.go index 1131f422ad7..4ff1cdebfb7 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1alpha3/conversion.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1alpha3/conversion.go @@ -17,6 +17,8 @@ limitations under the License. package v1alpha3 import ( + "unsafe" + "k8s.io/apimachinery/pkg/conversion" "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" ) 
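Review bot: In the types.go hunk that adds `ControlPlaneComponent`, the new `ExtraArgs` comment no longer says that these flags can override kubeadm's defaults, which the removed `APIServerExtraArgs`, `ControllerManagerExtraArgs` and `SchedulerExtraArgs` comments all stated. Anyone auditing a cluster config needs that fact, since the package's own example sets `authorization-mode` through this map. I would keep it: `// ExtraArgs is an extra set of flags to pass to the control plane component, or to override default ones.` The type comment would also read better as `// ControlPlaneComponent holds settings common to all control plane components of the cluster`. The same comments are repeated in the v1beta1/types.go hunk and need the same wording.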
@@ -76,3 +78,39 @@ func Convert_kubeadm_JoinConfiguration_To_v1alpha3_JoinConfiguration(in *kubeadm return nil } + +func Convert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(in *ClusterConfiguration, out *kubeadm.ClusterConfiguration, s conversion.Scope) error { + if err := autoConvert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(in, out, s); err != nil { + return err + } + + out.APIServer.ExtraArgs = in.APIServerExtraArgs + out.APIServer.ExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.APIServerExtraVolumes)) + out.APIServer.CertSANs = in.APIServerCertSANs + + out.ControllerManager.ExtraArgs = in.ControllerManagerExtraArgs + out.ControllerManager.ExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.ControllerManagerExtraVolumes)) + + out.Scheduler.ExtraArgs = in.SchedulerExtraArgs + out.Scheduler.ExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.SchedulerExtraVolumes)) + + return nil +} + +func Convert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(in *kubeadm.ClusterConfiguration, out *ClusterConfiguration, s conversion.Scope) error { + if err := autoConvert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(in, out, s); err != nil { + return err + } + + out.APIServerExtraArgs = in.APIServer.ExtraArgs + out.APIServerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.APIServer.ExtraVolumes)) + out.APIServerCertSANs = in.APIServer.CertSANs + + out.ControllerManagerExtraArgs = in.ControllerManager.ExtraArgs + out.ControllerManagerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.ControllerManager.ExtraVolumes)) + + out.SchedulerExtraArgs = in.Scheduler.ExtraArgs + out.SchedulerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.Scheduler.ExtraVolumes)) + + return nil +} diff --git a/cmd/kubeadm/app/apis/kubeadm/v1alpha3/zz_generated.conversion.go b/cmd/kubeadm/app/apis/kubeadm/v1alpha3/zz_generated.conversion.go index b603541c317..1cc66d9f3bf 100644 
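Review bot: The hand-written `unsafe.Pointer` slice casts in `Convert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration` and its reverse are only valid while `v1alpha3.HostPathMount` and `kubeadm.HostPathMount` share an identical memory layout, and nothing here enforces that. In the generated file the same casts are re-emitted by the generator on every run, whereas these six will stay as written if either struct later gains or reorders a field, and would then reinterpret memory silently. I would convert the volumes element by element through the per-type HostPathMount converter (presumably already generated for this package, to be confirmed), or at least state the assumption above each function: `// NOTE: the unsafe casts below require v1alpha3.HostPathMount and kubeadm.HostPathMount to have identical layout.` Both functions are exported and also lack doc comments now that they are no longer autogenerated.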
--- a/cmd/kubeadm/app/apis/kubeadm/v1alpha3/zz_generated.conversion.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1alpha3/zz_generated.conversion.go @@ -177,11 +177,21 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddConversionFunc((*kubeadm.ClusterConfiguration)(nil), (*ClusterConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(a.(*kubeadm.ClusterConfiguration), b.(*ClusterConfiguration), scope) + }); err != nil { + return err + } if err := s.AddConversionFunc((*kubeadm.JoinConfiguration)(nil), (*JoinConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_kubeadm_JoinConfiguration_To_v1alpha3_JoinConfiguration(a.(*kubeadm.JoinConfiguration), b.(*JoinConfiguration), scope) }); err != nil { return err } + if err := s.AddConversionFunc((*ClusterConfiguration)(nil), (*kubeadm.ClusterConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(a.(*ClusterConfiguration), b.(*kubeadm.ClusterConfiguration), scope) + }); err != nil { + return err + } if err := s.AddConversionFunc((*JoinConfiguration)(nil), (*kubeadm.JoinConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1alpha3_JoinConfiguration_To_kubeadm_JoinConfiguration(a.(*JoinConfiguration), b.(*kubeadm.JoinConfiguration), scope) }); err != nil { 
@@ -297,13 +307,13 @@ func autoConvert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(i } out.KubernetesVersion = in.KubernetesVersion out.ControlPlaneEndpoint = in.ControlPlaneEndpoint - out.APIServerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.APIServerExtraArgs)) - out.ControllerManagerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ControllerManagerExtraArgs)) - out.SchedulerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.SchedulerExtraArgs)) - out.APIServerExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.APIServerExtraVolumes)) - out.ControllerManagerExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.ControllerManagerExtraVolumes)) - out.SchedulerExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.SchedulerExtraVolumes)) - out.APIServerCertSANs = *(*[]string)(unsafe.Pointer(&in.APIServerCertSANs)) + // WARNING: in.APIServerExtraArgs requires manual conversion: does not exist in peer-type + // WARNING: in.ControllerManagerExtraArgs requires manual conversion: does not exist in peer-type + // WARNING: in.SchedulerExtraArgs requires manual conversion: does not exist in peer-type + // WARNING: in.APIServerExtraVolumes requires manual conversion: does not exist in peer-type + // WARNING: in.ControllerManagerExtraVolumes requires manual conversion: does not exist in peer-type + // WARNING: in.SchedulerExtraVolumes requires manual conversion: does not exist in peer-type + // WARNING: in.APIServerCertSANs requires manual conversion: does not exist in peer-type out.CertificatesDir = in.CertificatesDir out.ImageRepository = in.ImageRepository out.UnifiedControlPlaneImage = in.UnifiedControlPlaneImage 
@@ -315,11 +325,6 @@ func autoConvert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(i return nil } -// Convert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration is an autogenerated conversion function. -func Convert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(in *ClusterConfiguration, out *kubeadm.ClusterConfiguration, s conversion.Scope) error { - return autoConvert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(in, out, s) -} - func autoConvert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(in *kubeadm.ClusterConfiguration, out *ClusterConfiguration, s conversion.Scope) error { // INFO: in.ComponentConfigs opted out of conversion generation if err := Convert_kubeadm_Etcd_To_v1alpha3_Etcd(&in.Etcd, &out.Etcd, s); err != nil { 
@@ -330,13 +335,9 @@ func autoConvert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(i } out.KubernetesVersion = in.KubernetesVersion out.ControlPlaneEndpoint = in.ControlPlaneEndpoint - out.APIServerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.APIServerExtraArgs)) - out.ControllerManagerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ControllerManagerExtraArgs)) - out.SchedulerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.SchedulerExtraArgs)) - out.APIServerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.APIServerExtraVolumes)) - out.ControllerManagerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.ControllerManagerExtraVolumes)) - out.SchedulerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.SchedulerExtraVolumes)) - out.APIServerCertSANs = *(*[]string)(unsafe.Pointer(&in.APIServerCertSANs)) + // WARNING: in.APIServer requires manual conversion: does not exist in peer-type + // WARNING: in.ControllerManager requires manual conversion: does not exist in peer-type + // WARNING: in.Scheduler requires manual conversion: does not exist in peer-type out.CertificatesDir = in.CertificatesDir out.ImageRepository = in.ImageRepository // INFO: in.CIImageRepository opted out of conversion generation @@ -349,11 +350,6 @@ func autoConvert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(i return nil } -// Convert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration is an autogenerated conversion function. -func Convert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(in *kubeadm.ClusterConfiguration, out *ClusterConfiguration, s conversion.Scope) error { - return autoConvert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(in, out, s) -} - func autoConvert_v1alpha3_ClusterStatus_To_kubeadm_ClusterStatus(in *ClusterStatus, out *kubeadm.ClusterStatus, s conversion.Scope) error { out.APIEndpoints = *(*map[string]kubeadm.APIEndpoint)(unsafe.Pointer(&in.APIEndpoints)) return nil 
diff --git a/cmd/kubeadm/app/apis/kubeadm/v1beta1/doc.go b/cmd/kubeadm/app/apis/kubeadm/v1beta1/doc.go
index 4c3179424d4..ebba802fbd9 100644
--- a/cmd/kubeadm/app/apis/kubeadm/v1beta1/doc.go
+++ b/cmd/kubeadm/app/apis/kubeadm/v1beta1/doc.go
@@ -200,44 +200,47 @@ limitations under the License. // dnsDomain: "cluster.local" // kubernetesVersion: "v1.12.0" // controlPlaneEndpoint: "10.100.0.1:6443" -// apiServerExtraArgs: -// authorization-mode: "Node,RBAC" -// controllerManagerExtraArgs: -// node-cidr-mask-size: 20 -// schedulerExtraArgs: -// address: "10.100.0.1" -// apiServerExtraVolumes: -// - name: "some-volume" -// hostPath: "/etc/some-path" -// mountPath: "/etc/some-pod-path" -// writable: true -// pathType: File -// controllerManagerExtraVolumes: -// - name: "some-volume" -// hostPath: "/etc/some-path" -// mountPath: "/etc/some-pod-path" -// writable: true -// pathType: File -// schedulerExtraVolumes: -// - name: "some-volume" -// hostPath: "/etc/some-path" -// mountPath: "/etc/some-pod-path" -// writable: true -// pathType: File -// apiServerCertSANs: -// - "10.100.1.1" -// - "ec2-10-100-0-1.compute-1.amazonaws.com" -// certificatesDir: "/etc/kubernetes/pki" -// imageRepository: "k8s.gcr.io" -// unifiedControlPlaneImage: "k8s.gcr.io/controlplane:v1.12.0" -// auditPolicy: -// # https://kubernetes.io/docs/tasks/debug-application-cluster/audit/#audit-policy -// path: "/var/log/audit/audit.json" -// logDir: "/var/log/audit" -// logMaxAge: 7 # in days -// featureGates: -// selfhosting: false -// clusterName: "example-cluster" +// apiServer: +// extraArgs: +// authorization-mode: "Node,RBAC" +// extraVolumes: +// - name: "some-volume" +// hostPath: "/etc/some-path" +// mountPath: "/etc/some-pod-path" +// writable: true +// pathType: File +// certSANs: +// - "10.100.1.1" +// - "ec2-10-100-0-1.compute-1.amazonaws.com" +// controllerManager: +// extraArgs: +// node-cidr-mask-size: 20 +// extraVolumes: +// - name: "some-volume" +// hostPath: "/etc/some-path" +// mountPath: "/etc/some-pod-path" +// writable: true +// pathType: File +// scheduler: +// extraArgs: +// address: "10.100.0.1" +// extraVolumes: +// - name: "some-volume" +// hostPath: "/etc/some-path" +// mountPath: "/etc/some-pod-path" +// 
writable: true +// pathType: File +// certificatesDir: "/etc/kubernetes/pki" +// imageRepository: "k8s.gcr.io" +// unifiedControlPlaneImage: "k8s.gcr.io/controlplane:v1.12.0" +// auditPolicy: +// # https://kubernetes.io/docs/tasks/debug-application-cluster/audit/#audit-policy +// path: "/var/log/audit/audit.json" +// logDir: "/var/log/audit" +// logMaxAge: 7 # in days +// featureGates: +// selfhosting: false +// clusterName: "example-cluster" // // Kubeadm join configuration types // diff --git a/cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go b/cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go index 2cbd09c4dec..9378243e0a5 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go 
@@ -77,32 +77,15 @@ type ClusterConfiguration struct { // could be used for assigning a stable DNS to the control plane. ControlPlaneEndpoint string `json:"controlPlaneEndpoint"` - // APIServerExtraArgs is a set of extra flags to pass to the API Server or override - // default ones in form of =. - // TODO: This is temporary and ideally we would like to switch all components to - // use ComponentConfig + ConfigMaps. - APIServerExtraArgs map[string]string `json:"apiServerExtraArgs,omitempty"` - // ControllerManagerExtraArgs is a set of extra flags to pass to the Controller Manager - // or override default ones in form of = - // TODO: This is temporary and ideally we would like to switch all components to - // use ComponentConfig + ConfigMaps. - ControllerManagerExtraArgs map[string]string `json:"controllerManagerExtraArgs,omitempty"` - // SchedulerExtraArgs is a set of extra flags to pass to the Scheduler or override - // default ones in form of = - // TODO: This is temporary and ideally we would like to switch all components to - // use ComponentConfig + ConfigMaps. - SchedulerExtraArgs map[string]string `json:"schedulerExtraArgs,omitempty"` + // APIServer contains extra settings for the API server control plane component + APIServer APIServer `json:"apiServer,omitempty"` - // APIServerExtraVolumes is an extra set of host volumes mounted to the API server. - APIServerExtraVolumes []HostPathMount `json:"apiServerExtraVolumes,omitempty"` - // ControllerManagerExtraVolumes is an extra set of host volumes mounted to the - // Controller Manager. - ControllerManagerExtraVolumes []HostPathMount `json:"controllerManagerExtraVolumes,omitempty"` - // SchedulerExtraVolumes is an extra set of host volumes mounted to the scheduler. 
- SchedulerExtraVolumes []HostPathMount `json:"schedulerExtraVolumes,omitempty"` + // ControllerManager contains extra settings for the controller manager control plane component + ControllerManager ControlPlaneComponent `json:"controllerManager,omitempty"` + + // Scheduler contains extra settings for the scheduler control plane component + Scheduler ControlPlaneComponent `json:"scheduler,omitempty"` - // APIServerCertSANs sets extra Subject Alternative Names for the API Server signing cert. - APIServerCertSANs []string `json:"apiServerCertSANs,omitempty"` // CertificatesDir specifies where to store or look for all required certificates. CertificatesDir string `json:"certificatesDir"` @@ -122,6 +105,23 @@ type ClusterConfiguration struct { ClusterName string `json:"clusterName,omitempty"` } +// ControlPlaneComponent holds settings common to control plane component of the cluster +type ControlPlaneComponent struct { + // ExtraArgs is an extra set of flags to pass to the control plane component. + ExtraArgs map[string]string `json:"extraArgs,omitempty"` + + // ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + ExtraVolumes []HostPathMount `json:"extraVolumes,omitempty"` +} + +// APIServer holds settings necessary for API server deployments in the cluster +type APIServer struct { + ControlPlaneComponent `json:",inline"` + + // CertSANs sets extra Subject Alternative Names for the API Server signing cert. + CertSANs []string `json:"certSANs,omitempty"` +} + // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // ClusterStatus contains the cluster status. The ClusterStatus will be stored in the kubeadm-config diff --git a/cmd/kubeadm/app/apis/kubeadm/v1beta1/zz_generated.conversion.go b/cmd/kubeadm/app/apis/kubeadm/v1beta1/zz_generated.conversion.go index dd0676bafb1..fda28f950d3 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1beta1/zz_generated.conversion.go 
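Review bot: The `,omitempty` option on the new `APIServer`, `ControllerManager` and `Scheduler` fields of the v1beta1 `ClusterConfiguration` has no effect, because encoding/json never omits a non-pointer struct value. A config that sets none of these will still serialize `apiServer: {}`, `controllerManager: {}` and `scheduler: {}`, which is probably why the diffstat shows three new lines in defaulted.yaml. I would drop `,omitempty` from these three tags so they do not promise something the encoder will not do. If omission is really wanted, the fields would have to be pointers, and that is a bigger API decision than this hunk makes.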
+++ b/cmd/kubeadm/app/apis/kubeadm/v1beta1/zz_generated.conversion.go @@ -47,6 +47,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*APIServer)(nil), (*kubeadm.APIServer)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_APIServer_To_kubeadm_APIServer(a.(*APIServer), b.(*kubeadm.APIServer), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*kubeadm.APIServer)(nil), (*APIServer)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_kubeadm_APIServer_To_v1beta1_APIServer(a.(*kubeadm.APIServer), b.(*APIServer), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*AuditPolicyConfiguration)(nil), (*kubeadm.AuditPolicyConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1beta1_AuditPolicyConfiguration_To_kubeadm_AuditPolicyConfiguration(a.(*AuditPolicyConfiguration), b.(*kubeadm.AuditPolicyConfiguration), scope) }); err != nil { 
@@ -107,6 +117,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*ControlPlaneComponent)(nil), (*kubeadm.ControlPlaneComponent)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(a.(*ControlPlaneComponent), b.(*kubeadm.ControlPlaneComponent), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*kubeadm.ControlPlaneComponent)(nil), (*ControlPlaneComponent)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(a.(*kubeadm.ControlPlaneComponent), b.(*ControlPlaneComponent), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*Discovery)(nil), (*kubeadm.Discovery)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1beta1_Discovery_To_kubeadm_Discovery(a.(*Discovery), b.(*kubeadm.Discovery), scope) }); err != nil { 
@@ -232,6 +252,32 @@ func Convert_kubeadm_APIEndpoint_To_v1beta1_APIEndpoint(in *kubeadm.APIEndpoint, return autoConvert_kubeadm_APIEndpoint_To_v1beta1_APIEndpoint(in, out, s) } +func autoConvert_v1beta1_APIServer_To_kubeadm_APIServer(in *APIServer, out *kubeadm.APIServer, s conversion.Scope) error { + if err := Convert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(&in.ControlPlaneComponent, &out.ControlPlaneComponent, s); err != nil { + return err + } + out.CertSANs = *(*[]string)(unsafe.Pointer(&in.CertSANs)) + return nil +} + +// Convert_v1beta1_APIServer_To_kubeadm_APIServer is an autogenerated conversion function. +func Convert_v1beta1_APIServer_To_kubeadm_APIServer(in *APIServer, out *kubeadm.APIServer, s conversion.Scope) error { + return autoConvert_v1beta1_APIServer_To_kubeadm_APIServer(in, out, s) +} + +func autoConvert_kubeadm_APIServer_To_v1beta1_APIServer(in *kubeadm.APIServer, out *APIServer, s conversion.Scope) error { + if err := Convert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(&in.ControlPlaneComponent, &out.ControlPlaneComponent, s); err != nil { + return err + } + out.CertSANs = *(*[]string)(unsafe.Pointer(&in.CertSANs)) + return nil +} + +// Convert_kubeadm_APIServer_To_v1beta1_APIServer is an autogenerated conversion function. +func Convert_kubeadm_APIServer_To_v1beta1_APIServer(in *kubeadm.APIServer, out *APIServer, s conversion.Scope) error { + return autoConvert_kubeadm_APIServer_To_v1beta1_APIServer(in, out, s) +} + func autoConvert_v1beta1_AuditPolicyConfiguration_To_kubeadm_AuditPolicyConfiguration(in *AuditPolicyConfiguration, out *kubeadm.AuditPolicyConfiguration, s conversion.Scope) error { out.Path = in.Path out.LogDir = in.LogDir 
@@ -343,13 +389,15 @@ func autoConvert_v1beta1_ClusterConfiguration_To_kubeadm_ClusterConfiguration(in } out.KubernetesVersion = in.KubernetesVersion out.ControlPlaneEndpoint = in.ControlPlaneEndpoint - out.APIServerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.APIServerExtraArgs)) - out.ControllerManagerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ControllerManagerExtraArgs)) - out.SchedulerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.SchedulerExtraArgs)) - out.APIServerExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.APIServerExtraVolumes)) - out.ControllerManagerExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.ControllerManagerExtraVolumes)) - out.SchedulerExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.SchedulerExtraVolumes)) - out.APIServerCertSANs = *(*[]string)(unsafe.Pointer(&in.APIServerCertSANs)) + if err := Convert_v1beta1_APIServer_To_kubeadm_APIServer(&in.APIServer, &out.APIServer, s); err != nil { + return err + } + if err := Convert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(&in.ControllerManager, &out.ControllerManager, s); err != nil { + return err + } + if err := Convert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(&in.Scheduler, &out.Scheduler, s); err != nil { + return err + } out.CertificatesDir = in.CertificatesDir out.ImageRepository = in.ImageRepository out.UnifiedControlPlaneImage = in.UnifiedControlPlaneImage 
@@ -376,13 +424,15 @@ func autoConvert_kubeadm_ClusterConfiguration_To_v1beta1_ClusterConfiguration(in } out.KubernetesVersion = in.KubernetesVersion out.ControlPlaneEndpoint = in.ControlPlaneEndpoint - out.APIServerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.APIServerExtraArgs)) - out.ControllerManagerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ControllerManagerExtraArgs)) - out.SchedulerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.SchedulerExtraArgs)) - out.APIServerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.APIServerExtraVolumes)) - out.ControllerManagerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.ControllerManagerExtraVolumes)) - out.SchedulerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.SchedulerExtraVolumes)) - out.APIServerCertSANs = *(*[]string)(unsafe.Pointer(&in.APIServerCertSANs)) + if err := Convert_kubeadm_APIServer_To_v1beta1_APIServer(&in.APIServer, &out.APIServer, s); err != nil { + return err + } + if err := Convert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(&in.ControllerManager, &out.ControllerManager, s); err != nil { + return err + } + if err := Convert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(&in.Scheduler, &out.Scheduler, s); err != nil { + return err + } out.CertificatesDir = in.CertificatesDir out.ImageRepository = in.ImageRepository // INFO: in.CIImageRepository opted out of conversion generation 
@@ -420,6 +470,28 @@ func Convert_kubeadm_ClusterStatus_To_v1beta1_ClusterStatus(in *kubeadm.ClusterS return autoConvert_kubeadm_ClusterStatus_To_v1beta1_ClusterStatus(in, out, s) } +func autoConvert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(in *ControlPlaneComponent, out *kubeadm.ControlPlaneComponent, s conversion.Scope) error { + out.ExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ExtraArgs)) + out.ExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.ExtraVolumes)) + return nil +} + +// Convert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent is an autogenerated conversion function. +func Convert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(in *ControlPlaneComponent, out *kubeadm.ControlPlaneComponent, s conversion.Scope) error { + return autoConvert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(in, out, s) +} + +func autoConvert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(in *kubeadm.ControlPlaneComponent, out *ControlPlaneComponent, s conversion.Scope) error { + out.ExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ExtraArgs)) + out.ExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.ExtraVolumes)) + return nil +} + +// Convert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent is an autogenerated conversion function. +func Convert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(in *kubeadm.ControlPlaneComponent, out *ControlPlaneComponent, s conversion.Scope) error { + return autoConvert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(in, out, s) +} + func autoConvert_v1beta1_Discovery_To_kubeadm_Discovery(in *Discovery, out *kubeadm.Discovery, s conversion.Scope) error { out.BootstrapToken = (*kubeadm.BootstrapTokenDiscovery)(unsafe.Pointer(in.BootstrapToken)) out.File = (*kubeadm.FileDiscovery)(unsafe.Pointer(in.File)) 
diff --git a/cmd/kubeadm/app/apis/kubeadm/v1beta1/zz_generated.deepcopy.go b/cmd/kubeadm/app/apis/kubeadm/v1beta1/zz_generated.deepcopy.go index 92bf16ffe75..cc2e1ad7125 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1beta1/zz_generated.deepcopy.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1beta1/zz_generated.deepcopy.go @@ -42,6 +42,28 @@ func (in *APIEndpoint) DeepCopy() *APIEndpoint { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIServer) DeepCopyInto(out *APIServer) { + *out = *in + in.ControlPlaneComponent.DeepCopyInto(&out.ControlPlaneComponent) + if in.CertSANs != nil { + in, out := &in.CertSANs, &out.CertSANs + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServer. +func (in *APIServer) DeepCopy() *APIServer { + if in == nil { + return nil + } + out := new(APIServer) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AuditPolicyConfiguration) DeepCopyInto(out *AuditPolicyConfiguration) { *out = *in 
@@ -146,47 +168,9 @@ func (in *ClusterConfiguration) DeepCopyInto(out *ClusterConfiguration) { out.TypeMeta = in.TypeMeta in.Etcd.DeepCopyInto(&out.Etcd) out.Networking = in.Networking - if in.APIServerExtraArgs != nil { - in, out := &in.APIServerExtraArgs, &out.APIServerExtraArgs - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.ControllerManagerExtraArgs != nil { - in, out := &in.ControllerManagerExtraArgs, &out.ControllerManagerExtraArgs - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.SchedulerExtraArgs != nil { - in, out := &in.SchedulerExtraArgs, &out.SchedulerExtraArgs - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.APIServerExtraVolumes != nil { - in, out := &in.APIServerExtraVolumes, &out.APIServerExtraVolumes - *out = make([]HostPathMount, len(*in)) - copy(*out, *in) - } - if in.ControllerManagerExtraVolumes != nil { - in, out := &in.ControllerManagerExtraVolumes, &out.ControllerManagerExtraVolumes - *out = make([]HostPathMount, len(*in)) - copy(*out, *in) - } - if in.SchedulerExtraVolumes != nil { - in, out := &in.SchedulerExtraVolumes, &out.SchedulerExtraVolumes - *out = make([]HostPathMount, len(*in)) - copy(*out, *in) - } - if in.APIServerCertSANs != nil { - in, out := &in.APIServerCertSANs, &out.APIServerCertSANs - *out = make([]string, len(*in)) - copy(*out, *in) - } + in.APIServer.DeepCopyInto(&out.APIServer) + in.ControllerManager.DeepCopyInto(&out.ControllerManager) + in.Scheduler.DeepCopyInto(&out.Scheduler) in.AuditPolicyConfiguration.DeepCopyInto(&out.AuditPolicyConfiguration) if in.FeatureGates != nil { in, out := &in.FeatureGates, &out.FeatureGates 
@@ -248,6 +232,34 @@ func (in *ClusterStatus) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ControlPlaneComponent) DeepCopyInto(out *ControlPlaneComponent) { + *out = *in + if in.ExtraArgs != nil { + in, out := &in.ExtraArgs, &out.ExtraArgs + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.ExtraVolumes != nil { + in, out := &in.ExtraVolumes, &out.ExtraVolumes + *out = make([]HostPathMount, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControlPlaneComponent. +func (in *ControlPlaneComponent) DeepCopy() *ControlPlaneComponent { + if in == nil { + return nil + } + out := new(ControlPlaneComponent) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Discovery) DeepCopyInto(out *Discovery) { *out = *in diff --git a/cmd/kubeadm/app/apis/kubeadm/validation/validation.go b/cmd/kubeadm/app/apis/kubeadm/validation/validation.go index 5d26e226af6..30bdc776127 100644 --- a/cmd/kubeadm/app/apis/kubeadm/validation/validation.go +++ b/cmd/kubeadm/app/apis/kubeadm/validation/validation.go 
@@ -57,7 +57,7 @@ func ValidateInitConfiguration(c *kubeadm.InitConfiguration) field.ErrorList { func ValidateClusterConfiguration(c *kubeadm.ClusterConfiguration) field.ErrorList { allErrs := field.ErrorList{} allErrs = append(allErrs, ValidateNetworking(&c.Networking, field.NewPath("networking"))...) - allErrs = append(allErrs, ValidateCertSANs(c.APIServerCertSANs, field.NewPath("apiServerCertSANs"))...) + allErrs = append(allErrs, ValidateAPIServer(&c.APIServer, field.NewPath("apiServer"))...) allErrs = append(allErrs, ValidateAbsolutePath(c.CertificatesDir, field.NewPath("certificatesDir"))...) allErrs = append(allErrs, ValidateFeatureGates(c.FeatureGates, field.NewPath("featureGates"))...) allErrs = append(allErrs, ValidateHostPort(c.ControlPlaneEndpoint, field.NewPath("controlPlaneEndpoint"))...) @@ -66,6 +66,13 @@ func ValidateClusterConfiguration(c *kubeadm.ClusterConfiguration) field.ErrorLi return allErrs } +// ValidateAPIServer validates a APIServer object and collects all encountered errors +func ValidateAPIServer(a *kubeadm.APIServer, fldPath *field.Path) field.ErrorList { + allErrs := field.ErrorList{} + allErrs = append(allErrs, ValidateCertSANs(a.CertSANs, fldPath.Child("certSANs"))...) + return allErrs +} + // ValidateJoinConfiguration validates node configuration and collects all encountered errors func ValidateJoinConfiguration(c *kubeadm.JoinConfiguration) field.ErrorList { allErrs := field.ErrorList{} diff --git a/cmd/kubeadm/app/apis/kubeadm/zz_generated.deepcopy.go b/cmd/kubeadm/app/apis/kubeadm/zz_generated.deepcopy.go index 1baa8d9684c..ec241bdf08d 100644 --- a/cmd/kubeadm/app/apis/kubeadm/zz_generated.deepcopy.go +++ b/cmd/kubeadm/app/apis/kubeadm/zz_generated.deepcopy.go 
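Review bot: ValidateAPIServer, added in the second validation.go hunk, checks only CertSANs, so the ExtraArgs and ExtraVolumes carried by the new APIServer struct, and the whole ControllerManager and Scheduler substructs, still reach manifest generation unvalidated. That matches the old behaviour, but ExtraVolumes are later passed to AddExtraHostPathMounts for the control-plane pods (see the volumes.go hunk), so the limit should at least be documented: `// ValidateAPIServer validates an APIServer object and collects all encountered errors. Only CertSANs is checked; ExtraArgs and ExtraVolumes are not validated here.` The same comment fixes the "a APIServer" typo. A follow-up could run the existing ValidateAbsolutePath over each extra volume's paths, assuming HostPathMount exposes them as plain strings.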
@@ -44,6 +44,28 @@ func (in *APIEndpoint) DeepCopy() *APIEndpoint { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIServer) DeepCopyInto(out *APIServer) { + *out = *in + in.ControlPlaneComponent.DeepCopyInto(&out.ControlPlaneComponent) + if in.CertSANs != nil { + in, out := &in.CertSANs, &out.CertSANs + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServer. +func (in *APIServer) DeepCopy() *APIServer { + if in == nil { + return nil + } + out := new(APIServer) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AuditPolicyConfiguration) DeepCopyInto(out *AuditPolicyConfiguration) { *out = *in 
@@ -149,47 +171,9 @@ func (in *ClusterConfiguration) DeepCopyInto(out *ClusterConfiguration) { in.ComponentConfigs.DeepCopyInto(&out.ComponentConfigs) in.Etcd.DeepCopyInto(&out.Etcd) out.Networking = in.Networking - if in.APIServerExtraArgs != nil { - in, out := &in.APIServerExtraArgs, &out.APIServerExtraArgs - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.ControllerManagerExtraArgs != nil { - in, out := &in.ControllerManagerExtraArgs, &out.ControllerManagerExtraArgs - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.SchedulerExtraArgs != nil { - in, out := &in.SchedulerExtraArgs, &out.SchedulerExtraArgs - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.APIServerExtraVolumes != nil { - in, out := &in.APIServerExtraVolumes, &out.APIServerExtraVolumes - *out = make([]HostPathMount, len(*in)) - copy(*out, *in) - } - if in.ControllerManagerExtraVolumes != nil { - in, out := &in.ControllerManagerExtraVolumes, &out.ControllerManagerExtraVolumes - *out = make([]HostPathMount, len(*in)) - copy(*out, *in) - } - if in.SchedulerExtraVolumes != nil { - in, out := &in.SchedulerExtraVolumes, &out.SchedulerExtraVolumes - *out = make([]HostPathMount, len(*in)) - copy(*out, *in) - } - if in.APIServerCertSANs != nil { - in, out := &in.APIServerCertSANs, &out.APIServerCertSANs - *out = make([]string, len(*in)) - copy(*out, *in) - } + in.APIServer.DeepCopyInto(&out.APIServer) + in.ControllerManager.DeepCopyInto(&out.ControllerManager) + in.Scheduler.DeepCopyInto(&out.Scheduler) in.AuditPolicyConfiguration.DeepCopyInto(&out.AuditPolicyConfiguration) if in.FeatureGates != nil { in, out := &in.FeatureGates, &out.FeatureGates 
@@ -277,6 +261,34 @@ func (in *ComponentConfigs) DeepCopy() *ComponentConfigs { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ControlPlaneComponent) DeepCopyInto(out *ControlPlaneComponent) { + *out = *in + if in.ExtraArgs != nil { + in, out := &in.ExtraArgs, &out.ExtraArgs + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.ExtraVolumes != nil { + in, out := &in.ExtraVolumes, &out.ExtraVolumes + *out = make([]HostPathMount, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControlPlaneComponent. +func (in *ControlPlaneComponent) DeepCopy() *ControlPlaneComponent { + if in == nil { + return nil + } + out := new(ControlPlaneComponent) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Discovery) DeepCopyInto(out *Discovery) { *out = *in diff --git a/cmd/kubeadm/app/cmd/init.go b/cmd/kubeadm/app/cmd/init.go index 5e62d27112b..c2fbe4d06e5 100644 --- a/cmd/kubeadm/app/cmd/init.go +++ b/cmd/kubeadm/app/cmd/init.go @@ -214,7 +214,7 @@ func AddInitConfigFlags(flagSet *flag.FlagSet, cfg *kubeadmapiv1beta1.InitConfig `The path where to save and store the certificates.`, ) flagSet.StringSliceVar( - &cfg.APIServerCertSANs, "apiserver-cert-extra-sans", cfg.APIServerCertSANs, + &cfg.APIServer.CertSANs, "apiserver-cert-extra-sans", cfg.APIServer.CertSANs, `Optional extra Subject Alternative Names (SANs) to use for the API Server serving certificate. Can be both IP addresses and DNS names.`, ) flagSet.StringVar( diff --git a/cmd/kubeadm/app/cmd/upgrade/common_test.go b/cmd/kubeadm/app/cmd/upgrade/common_test.go index 0554623eba1..5547b71cd2a 100644 --- a/cmd/kubeadm/app/cmd/upgrade/common_test.go 
+++ b/cmd/kubeadm/app/cmd/upgrade/common_test.go @@ -43,12 +43,14 @@ func TestPrintConfiguration(t *testing.T) { }, }, expectedBytes: []byte(`[upgrade/config] Configuration used: + apiServer: {} apiVersion: kubeadm.k8s.io/v1beta1 auditPolicy: logDir: "" path: "" certificatesDir: "" controlPlaneEndpoint: "" + controllerManager: {} etcd: local: dataDir: /some/path @@ -60,6 +62,7 @@ func TestPrintConfiguration(t *testing.T) { dnsDomain: "" podSubnet: "" serviceSubnet: "" + scheduler: {} unifiedControlPlaneImage: "" `), }, @@ -76,12 +79,14 @@ func TestPrintConfiguration(t *testing.T) { }, }, expectedBytes: []byte(`[upgrade/config] Configuration used: + apiServer: {} apiVersion: kubeadm.k8s.io/v1beta1 auditPolicy: logDir: "" path: "" certificatesDir: "" controlPlaneEndpoint: "" + controllerManager: {} etcd: external: caFile: "" @@ -96,6 +101,7 @@ func TestPrintConfiguration(t *testing.T) { dnsDomain: "" podSubnet: "" serviceSubnet: 10.96.0.1/12 + scheduler: {} unifiedControlPlaneImage: "" `), }, diff --git a/cmd/kubeadm/app/phases/certs/doc.go b/cmd/kubeadm/app/phases/certs/doc.go index 5f515d76833..1ab96d110b7 100644 --- a/cmd/kubeadm/app/phases/certs/doc.go +++ b/cmd/kubeadm/app/phases/certs/doc.go @@ -23,7 +23,7 @@ package certs INPUTS: From InitConfiguration .API.AdvertiseAddress is an optional parameter that can be passed for an extra addition to the SAN IPs - .APIServerCertSANs is an optional parameter for adding DNS names and IPs to the API Server serving cert SAN + .APIServer.CertSANs is an optional parameter for adding DNS names and IPs to the API Server serving cert SAN .Etcd.Local.ServerCertSANs is an optional parameter for adding DNS names and IPs to the etcd serving cert SAN .Etcd.Local.PeerCertSANs is an optional parameter for adding DNS names and IPs to the etcd peer cert SAN .Networking.DNSDomain is needed for knowing which DNS name the internal Kubernetes service has 
diff --git a/cmd/kubeadm/app/phases/controlplane/manifests.go b/cmd/kubeadm/app/phases/controlplane/manifests.go index aab929cc790..8376fdcc5ad 100644 --- a/cmd/kubeadm/app/phases/controlplane/manifests.go +++ b/cmd/kubeadm/app/phases/controlplane/manifests.go @@ -193,11 +193,11 @@ func getAPIServerCommand(cfg *kubeadmapi.InitConfiguration) []string { defaultArguments["audit-log-maxage"] = fmt.Sprintf("%d", *cfg.AuditPolicyConfiguration.LogMaxAge) } } - if cfg.APIServerExtraArgs == nil { - cfg.APIServerExtraArgs = map[string]string{} + if cfg.APIServer.ExtraArgs == nil { + cfg.APIServer.ExtraArgs = map[string]string{} } - cfg.APIServerExtraArgs["authorization-mode"] = getAuthzModes(cfg.APIServerExtraArgs["authorization-mode"]) - command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.APIServerExtraArgs)...) + cfg.APIServer.ExtraArgs["authorization-mode"] = getAuthzModes(cfg.APIServer.ExtraArgs["authorization-mode"]) + command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.APIServer.ExtraArgs)...) return command } @@ -302,7 +302,7 @@ func getControllerManagerCommand(cfg *kubeadmapi.InitConfiguration, k8sVersion * } command := []string{"kube-controller-manager"} - command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.ControllerManagerExtraArgs)...) + command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.ControllerManager.ExtraArgs)...) return command } @@ -316,7 +316,7 @@ func getSchedulerCommand(cfg *kubeadmapi.InitConfiguration) []string { } command := []string{"kube-scheduler"} - command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.SchedulerExtraArgs)...) + command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.Scheduler.ExtraArgs)...) return command } 
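Review bot: In the first manifests.go hunk, getAPIServerCommand still writes into the configuration it was given: it allocates cfg.APIServer.ExtraArgs when nil and stores the computed authorization-mode back into it, so building a command line changes the caller's InitConfiguration. Anything that later serialises or compares that config will see the rewritten value rather than what the user supplied. If the write-back is intended, say so above the assignment, e.g. `// Deliberately persists the effective authorization-mode into cfg.APIServer.ExtraArgs.`; otherwise copy the map into a local before setting the key and pass that local to BuildArgumentListFromMap. The function starts outside the hunk, so whether other callers depend on the mutation cannot be seen here.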
diff --git a/cmd/kubeadm/app/phases/controlplane/manifests_test.go b/cmd/kubeadm/app/phases/controlplane/manifests_test.go index 2f24909b309..df4044a1628 100644 --- a/cmd/kubeadm/app/phases/controlplane/manifests_test.go +++ b/cmd/kubeadm/app/phases/controlplane/manifests_test.go @@ -444,18 +444,22 @@ func TestGetAPIServerCommand(t *testing.T) { }, }, { - name: "test APIServerExtraArgs works as expected", + name: "test APIServer.ExtraArgs works as expected", cfg: &kubeadmapi.InitConfiguration{ APIEndpoint: kubeadmapi.APIEndpoint{BindPort: 123, AdvertiseAddress: "1.2.3.4"}, ClusterConfiguration: kubeadmapi.ClusterConfiguration{ Networking: kubeadmapi.Networking{ServiceSubnet: "bar"}, CertificatesDir: testCertsDir, FeatureGates: map[string]bool{features.DynamicKubeletConfig: true, features.Auditing: true}, - APIServerExtraArgs: map[string]string{ - "service-cluster-ip-range": "baz", - "advertise-address": "9.9.9.9", - "audit-policy-file": "/etc/config/audit.yaml", - "audit-log-path": "/var/log/kubernetes", + APIServer: kubeadmapi.APIServer{ + ControlPlaneComponent: kubeadmapi.ControlPlaneComponent{ + ExtraArgs: map[string]string{ + "service-cluster-ip-range": "baz", + "advertise-address": "9.9.9.9", + "audit-policy-file": "/etc/config/audit.yaml", + "audit-log-path": "/var/log/kubernetes", + }, + }, }, }, }, @@ -500,8 +504,12 @@ func TestGetAPIServerCommand(t *testing.T) { ClusterConfiguration: kubeadmapi.ClusterConfiguration{ Networking: kubeadmapi.Networking{ServiceSubnet: "bar"}, CertificatesDir: testCertsDir, - APIServerExtraArgs: map[string]string{ - "authorization-mode": authzmodes.ModeABAC, + APIServer: kubeadmapi.APIServer{ + ControlPlaneComponent: kubeadmapi.ControlPlaneComponent{ + ExtraArgs: map[string]string{ + "authorization-mode": authzmodes.ModeABAC, + }, + }, }, }, }, 
@@ -542,8 +550,12 @@ func TestGetAPIServerCommand(t *testing.T) { ClusterConfiguration: kubeadmapi.ClusterConfiguration{ Networking: kubeadmapi.Networking{ServiceSubnet: "bar"}, CertificatesDir: testCertsDir, - APIServerExtraArgs: map[string]string{ - "insecure-port": "1234", + APIServer: kubeadmapi.APIServer{ + ControlPlaneComponent: kubeadmapi.ControlPlaneComponent{ + ExtraArgs: map[string]string{ + "insecure-port": "1234", + }, + }, }, }, }, @@ -584,8 +596,12 @@ func TestGetAPIServerCommand(t *testing.T) { ClusterConfiguration: kubeadmapi.ClusterConfiguration{ Networking: kubeadmapi.Networking{ServiceSubnet: "bar"}, CertificatesDir: testCertsDir, - APIServerExtraArgs: map[string]string{ - "authorization-mode": authzmodes.ModeWebhook, + APIServer: kubeadmapi.APIServer{ + ControlPlaneComponent: kubeadmapi.ControlPlaneComponent{ + ExtraArgs: map[string]string{ + "authorization-mode": authzmodes.ModeWebhook, + }, + }, }, }, }, @@ -710,10 +726,12 @@ func TestGetControllerManagerCommand(t *testing.T) { { name: "custom extra-args for v1.12.0-beta.2", cfg: &kubeadmapi.ClusterConfiguration{ - Networking: kubeadmapi.Networking{PodSubnet: "10.0.1.15/16"}, - ControllerManagerExtraArgs: map[string]string{"node-cidr-mask-size": "20"}, - CertificatesDir: testCertsDir, - KubernetesVersion: "v1.12.0-beta.2", + Networking: kubeadmapi.Networking{PodSubnet: "10.0.1.15/16"}, + ControllerManager: kubeadmapi.ControlPlaneComponent{ + ExtraArgs: map[string]string{"node-cidr-mask-size": "20"}, + }, + CertificatesDir: testCertsDir, + KubernetesVersion: "v1.12.0-beta.2", }, expected: []string{ "kube-controller-manager", 
@@ -807,10 +825,12 @@ func TestGetControllerManagerCommand(t *testing.T) { { name: "custom extra-args for v1.11.3", cfg: &kubeadmapi.ClusterConfiguration{ - Networking: kubeadmapi.Networking{PodSubnet: "10.0.1.15/16"}, - ControllerManagerExtraArgs: map[string]string{"node-cidr-mask-size": "20"}, - CertificatesDir: testCertsDir, - KubernetesVersion: "v1.11.3", + Networking: kubeadmapi.Networking{PodSubnet: "10.0.1.15/16"}, + ControllerManager: kubeadmapi.ControlPlaneComponent{ + ExtraArgs: map[string]string{"node-cidr-mask-size": "20"}, + }, + CertificatesDir: testCertsDir, + KubernetesVersion: "v1.11.3", }, expected: []string{ "kube-controller-manager", diff --git a/cmd/kubeadm/app/phases/controlplane/volumes.go b/cmd/kubeadm/app/phases/controlplane/volumes.go index 85f3ef8da13..ea96a971f0b 100644 --- a/cmd/kubeadm/app/phases/controlplane/volumes.go +++ b/cmd/kubeadm/app/phases/controlplane/volumes.go @@ -99,9 +99,9 @@ func getHostPathVolumesForTheControlPlane(cfg *kubeadmapi.InitConfiguration) con // Merge user defined mounts and ensure unique volume and volume mount // names - mounts.AddExtraHostPathMounts(kubeadmconstants.KubeAPIServer, cfg.APIServerExtraVolumes) - mounts.AddExtraHostPathMounts(kubeadmconstants.KubeControllerManager, cfg.ControllerManagerExtraVolumes) - mounts.AddExtraHostPathMounts(kubeadmconstants.KubeScheduler, cfg.SchedulerExtraVolumes) + mounts.AddExtraHostPathMounts(kubeadmconstants.KubeAPIServer, cfg.APIServer.ExtraVolumes) + mounts.AddExtraHostPathMounts(kubeadmconstants.KubeControllerManager, cfg.ControllerManager.ExtraVolumes) + mounts.AddExtraHostPathMounts(kubeadmconstants.KubeScheduler, cfg.Scheduler.ExtraVolumes) return mounts } diff --git a/cmd/kubeadm/app/phases/upgrade/staticpods_test.go b/cmd/kubeadm/app/phases/upgrade/staticpods_test.go index 9d7cfc08e0f..e5e4c912611 100644 --- a/cmd/kubeadm/app/phases/upgrade/staticpods_test.go +++ b/cmd/kubeadm/app/phases/upgrade/staticpods_test.go 
@@ -63,8 +63,9 @@ apiEndpoint: apiVersion: kubeadm.k8s.io/v1beta1 kind: ClusterConfiguration -apiServerCertSANs: null -apiServerExtraArgs: null +apiServer: + certSANs: null + extraArgs: null certificatesDir: %s controllerManagerExtraArgs: null etcd: diff --git a/cmd/kubeadm/app/util/config/common_test.go b/cmd/kubeadm/app/util/config/common_test.go index 358cc483984..2aa4c44de37 100644 --- a/cmd/kubeadm/app/util/config/common_test.go +++ b/cmd/kubeadm/app/util/config/common_test.go @@ -228,19 +228,21 @@ func TestLowercaseSANs(t *testing.T) { t.Run(test.name, func(t *testing.T) { cfg := &kubeadmapiv1beta1.InitConfiguration{ ClusterConfiguration: kubeadmapiv1beta1.ClusterConfiguration{ - APIServerCertSANs: test.in, + APIServer: kubeadmapiv1beta1.APIServer{ + CertSANs: test.in, + }, }, } - LowercaseSANs(cfg.APIServerCertSANs) + LowercaseSANs(cfg.APIServer.CertSANs) - if len(cfg.APIServerCertSANs) != len(test.out) { - t.Fatalf("expected %d elements, got %d", len(test.out), len(cfg.APIServerCertSANs)) + if len(cfg.APIServer.CertSANs) != len(test.out) { + t.Fatalf("expected %d elements, got %d", len(test.out), len(cfg.APIServer.CertSANs)) } for i, expected := range test.out { - if cfg.APIServerCertSANs[i] != expected { - t.Errorf("expected element %d to be %q, got %q", i, expected, cfg.APIServerCertSANs[i]) + if cfg.APIServer.CertSANs[i] != expected { + t.Errorf("expected element %d to be %q, got %q", i, expected, cfg.APIServer.CertSANs[i]) } } }) diff --git a/cmd/kubeadm/app/util/config/initconfiguration.go b/cmd/kubeadm/app/util/config/initconfiguration.go index 87d40a6e00d..4592a32c041 100644 --- a/cmd/kubeadm/app/util/config/initconfiguration.go +++ b/cmd/kubeadm/app/util/config/initconfiguration.go @@ -150,7 +150,7 @@ func SetClusterDynamicDefaults(cfg *kubeadmapi.ClusterConfiguration, advertiseAd } // Downcase SANs. Some domain names (like ELBs) have capitals in them. - LowercaseSANs(cfg.APIServerCertSANs) + LowercaseSANs(cfg.APIServer.CertSANs) return nil } 
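Review bot: The context line `controllerManagerExtraArgs: null` in the staticpods_test.go hunk keeps the old flat key in a document whose apiVersion is kubeadm.k8s.io/v1beta1, while the two apiServer keys just above it were moved under `apiServer:`. This commit replaces that option with the `ControllerManager` substruct, so the key is presumably either silently ignored or rejected, depending on how strict the decoder is. Either way the fixture no longer describes a valid v1beta1 config. Replace it with `controllerManager:` followed by an indented `extraArgs: null`, and check the rest of the template, which lies outside the hunk, for scheduler and extra-volume keys still in the old form.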
diff --git a/cmd/kubeadm/app/util/config/testdata/conversion/master/internal.yaml b/cmd/kubeadm/app/util/config/testdata/conversion/master/internal.yaml index 9ad61455ddc..d1938ed2ec7 100644 --- a/cmd/kubeadm/app/util/config/testdata/conversion/master/internal.yaml +++ b/cmd/kubeadm/app/util/config/testdata/conversion/master/internal.yaml @@ -1,10 +1,11 @@ APIEndpoint: AdvertiseAddress: 192.168.2.2 BindPort: 6443 -APIServerCertSANs: null -APIServerExtraArgs: - authorization-mode: Node,RBAC,Webhook -APIServerExtraVolumes: null +APIServer: + CertSANs: null + ExtraArgs: + authorization-mode: Node,RBAC,Webhook + ExtraVolumes: null AuditPolicyConfiguration: LogDir: /var/log/kubernetes/audit LogMaxAge: 2 @@ -159,8 +160,9 @@ ComponentConfigs: TLSPrivateKeyFile: "" VolumeStatsAggPeriod: 1m0s ControlPlaneEndpoint: "" -ControllerManagerExtraArgs: null -ControllerManagerExtraVolumes: null +ControllerManager: + ExtraArgs: null + ExtraVolumes: null Etcd: External: null Local: @@ -183,6 +185,7 @@ NodeRegistration: Taints: - effect: NoSchedule key: node-role.kubernetes.io/master -SchedulerExtraArgs: null -SchedulerExtraVolumes: null +Scheduler: + ExtraArgs: null + ExtraVolumes: null UnifiedControlPlaneImage: "" diff --git a/cmd/kubeadm/app/util/config/testdata/conversion/master/v1beta1.yaml b/cmd/kubeadm/app/util/config/testdata/conversion/master/v1beta1.yaml index 7f7106fedee..8d2fa38d448 100644 --- a/cmd/kubeadm/app/util/config/testdata/conversion/master/v1beta1.yaml +++ b/cmd/kubeadm/app/util/config/testdata/conversion/master/v1beta1.yaml @@ -18,8 +18,9 @@ nodeRegistration: - effect: NoSchedule key: node-role.kubernetes.io/master --- -apiServerExtraArgs: - authorization-mode: Node,RBAC,Webhook +apiServer: + extraArgs: + authorization-mode: Node,RBAC,Webhook apiVersion: kubeadm.k8s.io/v1beta1 auditPolicy: logDir: /var/log/kubernetes/audit 
@@ -28,6 +29,7 @@ auditPolicy: certificatesDir: /etc/kubernetes/pki clusterName: kubernetes controlPlaneEndpoint: "" +controllerManager: {} etcd: local: dataDir: /var/lib/etcd @@ -39,6 +41,7 @@ networking: dnsDomain: cluster.local podSubnet: "" serviceSubnet: 10.96.0.0/12 +scheduler: {} unifiedControlPlaneImage: "" --- apiVersion: kubeproxy.config.k8s.io/v1alpha1 diff --git a/cmd/kubeadm/app/util/config/testdata/defaulting/master/defaulted.yaml b/cmd/kubeadm/app/util/config/testdata/defaulting/master/defaulted.yaml index d9ff908f36c..e8346d4f679 100644 --- a/cmd/kubeadm/app/util/config/testdata/defaulting/master/defaulted.yaml +++ b/cmd/kubeadm/app/util/config/testdata/defaulting/master/defaulted.yaml @@ -18,6 +18,7 @@ nodeRegistration: - effect: NoSchedule key: node-role.kubernetes.io/master --- +apiServer: {} apiVersion: kubeadm.k8s.io/v1beta1 auditPolicy: logDir: /var/log/kubernetes/audit @@ -26,6 +27,7 @@ auditPolicy: certificatesDir: /var/lib/kubernetes/pki clusterName: kubernetes controlPlaneEndpoint: "" +controllerManager: {} etcd: local: dataDir: /var/lib/etcd @@ -37,6 +39,7 @@ networking: dnsDomain: cluster.global podSubnet: 10.148.0.0/16 serviceSubnet: 10.196.0.0/12 +scheduler: {} unifiedControlPlaneImage: "" --- apiVersion: kubeproxy.config.k8s.io/v1alpha1 diff --git a/cmd/kubeadm/app/util/pkiutil/pki_helpers.go b/cmd/kubeadm/app/util/pkiutil/pki_helpers.go index 8a0bd0c2d75..c6dd0bff8bd 100644 --- a/cmd/kubeadm/app/util/pkiutil/pki_helpers.go +++ b/cmd/kubeadm/app/util/pkiutil/pki_helpers.go @@ -301,7 +301,7 @@ func GetAPIServerAltNames(cfg *kubeadmapi.InitConfiguration) (*certutil.AltNames } } - appendSANsToAltNames(altNames, cfg.APIServerCertSANs, kubeadmconstants.APIServerCertName) + appendSANsToAltNames(altNames, cfg.APIServer.CertSANs, kubeadmconstants.APIServerCertName) return altNames, nil } diff --git a/cmd/kubeadm/app/util/pkiutil/pki_helpers_test.go b/cmd/kubeadm/app/util/pkiutil/pki_helpers_test.go index 7af6ff1caca..5905796b3ca 100644 
--- a/cmd/kubeadm/app/util/pkiutil/pki_helpers_test.go +++ b/cmd/kubeadm/app/util/pkiutil/pki_helpers_test.go @@ -450,7 +450,9 @@ func TestGetAPIServerAltNames(t *testing.T) { ClusterConfiguration: kubeadmapi.ClusterConfiguration{ ControlPlaneEndpoint: "api.k8s.io:6443", Networking: kubeadmapi.Networking{ServiceSubnet: "10.96.0.0/12", DNSDomain: "cluster.local"}, - APIServerCertSANs: []string{"10.1.245.94", "10.1.245.95", "1.2.3.L", "invalid,commas,in,DNS"}, + APIServer: kubeadmapi.APIServer{ + CertSANs: []string{"10.1.245.94", "10.1.245.95", "1.2.3.L", "invalid,commas,in,DNS"}, + }, }, NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: "valid-hostname"}, }, @@ -464,7 +466,9 @@ func TestGetAPIServerAltNames(t *testing.T) { ClusterConfiguration: kubeadmapi.ClusterConfiguration{ ControlPlaneEndpoint: "4.5.6.7:6443", Networking: kubeadmapi.Networking{ServiceSubnet: "10.96.0.0/12", DNSDomain: "cluster.local"}, - APIServerCertSANs: []string{"10.1.245.94", "10.1.245.95", "1.2.3.L", "invalid,commas,in,DNS"}, + APIServer: kubeadmapi.APIServer{ + CertSANs: []string{"10.1.245.94", "10.1.245.95", "1.2.3.L", "invalid,commas,in,DNS"}, + }, }, NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: "valid-hostname"}, }, diff --git a/cmd/kubeadm/app/util/staticpod/utils.go b/cmd/kubeadm/app/util/staticpod/utils.go index b33715675a1..0c23d40c245 100644 --- a/cmd/kubeadm/app/util/staticpod/utils.go +++ b/cmd/kubeadm/app/util/staticpod/utils.go 
@@ -246,11 +246,11 @@ func GetProbeAddress(cfg *kubeadmapi.InitConfiguration, componentName string) st return cfg.APIEndpoint.AdvertiseAddress } case componentName == kubeadmconstants.KubeControllerManager: - if addr, exists := cfg.ControllerManagerExtraArgs[kubeControllerManagerAddressArg]; exists { + if addr, exists := cfg.ControllerManager.ExtraArgs[kubeControllerManagerAddressArg]; exists { return addr } case componentName == kubeadmconstants.KubeScheduler: - if addr, exists := cfg.SchedulerExtraArgs[kubeSchedulerAddressArg]; exists { + if addr, exists := cfg.Scheduler.ExtraArgs[kubeSchedulerAddressArg]; exists { return addr } case componentName == kubeadmconstants.Etcd: diff --git a/cmd/kubeadm/app/util/staticpod/utils_test.go b/cmd/kubeadm/app/util/staticpod/utils_test.go index 8b3f87970a0..cd2a3d05707 100644 --- a/cmd/kubeadm/app/util/staticpod/utils_test.go +++ b/cmd/kubeadm/app/util/staticpod/utils_test.go @@ -128,7 +128,9 @@ func TestComponentProbe(t *testing.T) { name: "valid IPv4 controller-manager probe", cfg: &kubeadmapi.InitConfiguration{ ClusterConfiguration: kubeadmapi.ClusterConfiguration{ - ControllerManagerExtraArgs: map[string]string{"address": "1.2.3.4"}, + ControllerManager: kubeadmapi.ControlPlaneComponent{ + ExtraArgs: map[string]string{"address": "1.2.3.4"}, + }, }, }, component: kubeadmconstants.KubeControllerManager, @@ -141,7 +143,9 @@ func TestComponentProbe(t *testing.T) { name: "valid IPv6 controller-manager probe", cfg: &kubeadmapi.InitConfiguration{ ClusterConfiguration: kubeadmapi.ClusterConfiguration{ - ControllerManagerExtraArgs: map[string]string{"address": "2001:db8::1"}, + ControllerManager: kubeadmapi.ControlPlaneComponent{ + ExtraArgs: map[string]string{"address": "2001:db8::1"}, + }, }, }, component: kubeadmconstants.KubeControllerManager, 
@@ -154,7 +158,9 @@ func TestComponentProbe(t *testing.T) { name: "valid IPv4 scheduler probe", cfg: &kubeadmapi.InitConfiguration{ ClusterConfiguration: kubeadmapi.ClusterConfiguration{ - SchedulerExtraArgs: map[string]string{"address": "1.2.3.4"}, + Scheduler: kubeadmapi.ControlPlaneComponent{ + ExtraArgs: map[string]string{"address": "1.2.3.4"}, + }, }, }, component: kubeadmconstants.KubeScheduler, @@ -167,7 +173,9 @@ func TestComponentProbe(t *testing.T) { name: "valid IPv6 scheduler probe", cfg: &kubeadmapi.InitConfiguration{ ClusterConfiguration: kubeadmapi.ClusterConfiguration{ - SchedulerExtraArgs: map[string]string{"address": "2001:db8::1"}, + Scheduler: kubeadmapi.ControlPlaneComponent{ + ExtraArgs: map[string]string{"address": "2001:db8::1"}, + }, }, }, component: kubeadmconstants.KubeScheduler,