diff --git a/cmd/kubeadm/app/apis/kubeadm/validation/validation.go b/cmd/kubeadm/app/apis/kubeadm/validation/validation.go index 552ac177ac4..356c505a60d 100644 --- a/cmd/kubeadm/app/apis/kubeadm/validation/validation.go +++ b/cmd/kubeadm/app/apis/kubeadm/validation/validation.go @@ -375,7 +375,7 @@ func ValidateHostPort(endpoint string, fldPath *field.Path) field.ErrorList { } // ValidateIPNetFromString validates network portion of ip address -func ValidateIPNetFromString(subnetStr string, minAddrs int64, isDualStack bool, fldPath *field.Path) field.ErrorList { +func ValidateIPNetFromString(subnetStr string, minAddrs int64, fldPath *field.Path) field.ErrorList { allErrs := field.ErrorList{} subnets, err := netutils.ParseCIDRs(strings.Split(subnetStr, ",")) if err != nil { @@ -384,19 +384,16 @@ func ValidateIPNetFromString(subnetStr string, minAddrs int64, isDualStack bool, } switch { // if DualStack only 2 CIDRs allowed - case isDualStack && len(subnets) > 2: + case len(subnets) > 2: allErrs = append(allErrs, field.Invalid(fldPath, subnetStr, "expected one (IPv4 or IPv6) CIDR or two CIDRs from each family for dual-stack networking")) // if DualStack and there are 2 CIDRs validate if there is at least one of each IP family - case isDualStack && len(subnets) == 2: + case len(subnets) == 2: areDualStackCIDRs, err := netutils.IsDualStackCIDRs(subnets) if err != nil { allErrs = append(allErrs, field.Invalid(fldPath, subnetStr, err.Error())) } else if !areDualStackCIDRs { allErrs = append(allErrs, field.Invalid(fldPath, subnetStr, "expected one (IPv4 or IPv6) CIDR or two CIDRs from each family for dual-stack networking")) } - // if not DualStack only one CIDR allowed - case !isDualStack && len(subnets) > 1: - allErrs = append(allErrs, field.Invalid(fldPath, subnetStr, "only one CIDR allowed for single-stack networking")) } // validate the subnet/s for _, s := range subnets { @@ -470,14 +467,11 @@ func getClusterNodeMask(c *kubeadm.ClusterConfiguration, isIPv6 bool) (int, erro var maskSize int var maskArg string var err error - isDualStack := features.Enabled(c.FeatureGates, features.IPv6DualStack) - if isDualStack && isIPv6 { + if isIPv6 { maskArg = "node-cidr-mask-size-ipv6" - } else if isDualStack && !isIPv6 { - maskArg = "node-cidr-mask-size-ipv4" } else { - maskArg = "node-cidr-mask-size" + maskArg = "node-cidr-mask-size-ipv4" } if v, ok := c.ControllerManager.ExtraArgs[maskArg]; ok && v != "" { @@ -513,16 +507,14 @@ func ValidateNetworking(c *kubeadm.ClusterConfiguration, fldPath *field.Path) fi for _, err := range validation.IsDNS1123Subdomain(c.Networking.DNSDomain) { allErrs = append(allErrs, field.Invalid(dnsDomainFldPath, c.Networking.DNSDomain, err)) } - // check if dual-stack feature-gate is enabled - isDualStack := features.Enabled(c.FeatureGates, features.IPv6DualStack) if len(c.Networking.ServiceSubnet) != 0 { - allErrs = append(allErrs, ValidateIPNetFromString(c.Networking.ServiceSubnet, constants.MinimumAddressesInServiceSubnet, isDualStack, field.NewPath("serviceSubnet"))...) + allErrs = append(allErrs, ValidateIPNetFromString(c.Networking.ServiceSubnet, constants.MinimumAddressesInServiceSubnet, field.NewPath("serviceSubnet"))...) // Service subnet was already validated, we need to validate now the subnet size allErrs = append(allErrs, ValidateServiceSubnetSize(c.Networking.ServiceSubnet, field.NewPath("serviceSubnet"))...) } if len(c.Networking.PodSubnet) != 0 { - allErrs = append(allErrs, ValidateIPNetFromString(c.Networking.PodSubnet, constants.MinimumAddressesInPodSubnet, isDualStack, field.NewPath("podSubnet"))...) + allErrs = append(allErrs, ValidateIPNetFromString(c.Networking.PodSubnet, constants.MinimumAddressesInPodSubnet, field.NewPath("podSubnet"))...) if c.ControllerManager.ExtraArgs["allocate-node-cidrs"] != "false" { // Pod subnet was already validated, we need to validate now against the node-mask allErrs = append(allErrs, ValidatePodSubnetNodeMask(c.Networking.PodSubnet, c, field.NewPath("podSubnet"))...) diff --git a/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go b/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go index b40735c74db..2d0063a5739 100644 --- a/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go +++ b/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go @@ -28,7 +28,6 @@ import ( kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmapiv1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3" - "k8s.io/kubernetes/cmd/kubeadm/app/features" ) func TestValidateToken(t *testing.T) { @@ -187,41 +186,28 @@ func TestValidateIPFromString(t *testing.T) { func TestValidateIPNetFromString(t *testing.T) { var tests = []struct { - name string - subnet string - minaddrs int64 - checkDualStack bool - expected bool + name string + subnet string + minaddrs int64 + expected bool }{ - {"invalid missing CIDR", "", 0, false, false}, - {"invalid CIDR", "a", 0, false, false}, - {"invalid CIDR missing decimal points in IPv4 address and / mask", "1234", 0, false, false}, - {"invalid CIDR use of letters instead of numbers and / mask", "abc", 0, false, false}, - {"invalid IPv4 address provided instead of CIDR representation", "1.2.3.4", 0, false, false}, - {"invalid IPv6 address provided instead of CIDR representation", "2001:db8::1", 0, false, false}, - {"invalid multiple CIDR provided in a single stack cluster", "2001:db8::1/64,1.2.3.4/24", 0, false, false}, - {"invalid multiple CIDR provided in a single stack cluster and one invalid subnet", "2001:db8::1/64,a", 0, false, false}, - {"valid, but IPv4 CIDR too small. At least 10 addresses needed", "10.0.0.16/29", 10, false, false}, - {"valid, but IPv6 CIDR too small. At least 10 addresses needed", "2001:db8::/125", 10, false, false}, - {"valid IPv4 CIDR", "10.0.0.16/12", 10, false, true}, - {"valid IPv6 CIDR", "2001:db8::/98", 10, false, true}, // dual-stack: - {"invalid missing CIDR", "", 0, true, false}, - {"valid dual-stack enabled but only an IPv4 CIDR specified", "10.0.0.16/12", 10, true, true}, - {"valid dual-stack enabled but only an IPv6 CIDR specified", "2001:db8::/98", 10, true, true}, - {"invalid IPv4 address provided instead of CIDR representation", "1.2.3.4,2001:db8::/98", 0, true, false}, - {"invalid IPv6 address provided instead of CIDR representation", "2001:db8::1,10.0.0.16/12", 0, true, false}, - {"valid, but IPv4 CIDR too small. At least 10 addresses needed", "10.0.0.16/29,2001:db8::/98", 10, true, false}, - {"valid, but IPv6 CIDR too small. At least 10 addresses needed", "10.0.0.16/12,2001:db8::/125", 10, true, false}, - {"valid, but only IPv4 family addresses specified. IPv6 CIDR is necessary.", "10.0.0.16/12,192.168.0.0/16", 10, true, false}, - {"valid, but only IPv6 family addresses specified. IPv4 CIDR is necessary.", "2001:db8::/98,2005:db8::/98", 10, true, false}, - {"valid IPv4 and IPv6 CIDR", "10.0.0.16/12,2001:db8::/98", 10, true, true}, - {"valid IPv6 and IPv4 CIDR", "10.0.0.16/12,2001:db8::/98", 10, true, true}, - {"invalid IPv6 and IPv4 CIDR with more than 2 subnets", "10.0.0.16/12,2001:db8::/98,192.168.0.0/16", 10, true, false}, - {"invalid IPv6 and IPv4 CIDR with more than 2 subnets", "10.0.0.16/12,2001:db8::/98,192.168.0.0/16,a.b.c.d/24", 10, true, false}, + {"invalid missing CIDR", "", 0, false}, + {"valid dual-stack enabled but only an IPv4 CIDR specified", "10.0.0.16/12", 10, true}, + {"valid dual-stack enabled but only an IPv6 CIDR specified", "2001:db8::/98", 10, true}, + {"invalid IPv4 address provided instead of CIDR representation", "1.2.3.4,2001:db8::/98", 0, false}, + {"invalid IPv6 address provided instead of CIDR representation", "2001:db8::1,10.0.0.16/12", 0, false}, + {"valid, but IPv4 CIDR too small. At least 10 addresses needed", "10.0.0.16/29,2001:db8::/98", 10, false}, + {"valid, but IPv6 CIDR too small. At least 10 addresses needed", "10.0.0.16/12,2001:db8::/125", 10, false}, + {"valid, but only IPv4 family addresses specified. IPv6 CIDR is necessary.", "10.0.0.16/12,192.168.0.0/16", 10, false}, + {"valid, but only IPv6 family addresses specified. IPv4 CIDR is necessary.", "2001:db8::/98,2005:db8::/98", 10, false}, + {"valid IPv4 and IPv6 CIDR", "10.0.0.16/12,2001:db8::/98", 10, true}, + {"valid IPv6 and IPv4 CIDR", "10.0.0.16/12,2001:db8::/98", 10, true}, + {"invalid IPv6 and IPv4 CIDR with more than 2 subnets", "10.0.0.16/12,2001:db8::/98,192.168.0.0/16", 10, false}, + {"invalid IPv6 and IPv4 CIDR with more than 2 subnets", "10.0.0.16/12,2001:db8::/98,192.168.0.0/16,a.b.c.d/24", 10, false}, } for _, rt := range tests { - actual := ValidateIPNetFromString(rt.subnet, rt.minaddrs, rt.checkDualStack, nil) + actual := ValidateIPNetFromString(rt.subnet, rt.minaddrs, nil) if (len(actual) == 0) != rt.expected { t.Errorf( "%s test case failed :\n\texpected: %t\n\t actual: %t\n\t err(s): %v\n\t", @@ -236,41 +222,31 @@ func TestValidateIPNetFromString(t *testing.T) { func TestValidatePodSubnetNodeMask(t *testing.T) { var tests = []struct { - name string - subnet string - cmExtraArgs map[string]string - checkDualStack bool - expected bool + name string + subnet string + cmExtraArgs map[string]string + expected bool }{ - {"single IPv4, but mask too small. Default node-mask", "10.0.0.16/29", nil, false, false}, - {"single IPv4, but mask too small. Configured node-mask", "10.0.0.16/24", map[string]string{"node-cidr-mask-size": "23"}, false, false}, - {"single IPv6, but mask too small. Default node-mask", "2001:db8::1/112", nil, false, false}, - {"single IPv6, but mask too small. Configured node-mask", "2001:db8::1/64", map[string]string{"node-cidr-mask-size": "24"}, false, false}, - {"single IPv6, but mask difference greater than 16. Default node-mask", "2001:db8::1/12", nil, false, false}, - {"single IPv6, but mask difference greater than 16. Configured node-mask", "2001:db8::1/64", map[string]string{"node-cidr-mask-size": "120"}, false, false}, - {"single IPv4 CIDR", "10.0.0.16/12", nil, false, true}, - {"single IPv6 CIDR", "2001:db8::/48", nil, false, true}, // dual-stack: - {"dual IPv4 only, but mask too small. Default node-mask", "10.0.0.16/29", nil, true, false}, - {"dual IPv4 only, but mask too small. Configured node-mask", "10.0.0.16/24", map[string]string{"node-cidr-mask-size-ipv4": "23"}, true, false}, - {"dual IPv6 only, but mask too small. Default node-mask", "2001:db8::1/112", nil, true, false}, - {"dual IPv6 only, but mask too small. Configured node-mask", "2001:db8::1/64", map[string]string{"node-cidr-mask-size-ipv6": "24"}, true, false}, - {"dual IPv6 only, but mask difference greater than 16. Default node-mask", "2001:db8::1/12", nil, true, false}, - {"dual IPv6 only, but mask difference greater than 16. Configured node-mask", "2001:db8::1/64", map[string]string{"node-cidr-mask-size-ipv6": "120"}, true, false}, - {"dual IPv4 only CIDR", "10.0.0.16/12", nil, true, true}, - {"dual IPv6 only CIDR", "2001:db8::/48", nil, true, true}, - {"dual, but IPv4 mask too small. Default node-mask", "10.0.0.16/29,2001:db8::/48", nil, true, false}, - {"dual, but IPv4 mask too small. Configured node-mask", "10.0.0.16/24,2001:db8::/48", map[string]string{"node-cidr-mask-size-ipv4": "23"}, true, false}, - {"dual, but IPv6 mask too small. Default node-mask", "2001:db8::1/112,10.0.0.16/16", nil, true, false}, - {"dual, but IPv6 mask too small. Configured node-mask", "10.0.0.16/16,2001:db8::1/64", map[string]string{"node-cidr-mask-size-ipv6": "24"}, true, false}, - {"dual, but mask difference greater than 16. Default node-mask", "2001:db8::1/12,10.0.0.16/16", nil, true, false}, - {"dual, but mask difference greater than 16. Configured node-mask", "10.0.0.16/16,2001:db8::1/64", map[string]string{"node-cidr-mask-size-ipv6": "120"}, true, false}, - {"dual IPv4 IPv6", "2001:db8::/48,10.0.0.16/12", nil, true, true}, - {"dual IPv6 IPv4", "2001:db8::/48,10.0.0.16/12", nil, true, true}, + {"dual IPv4 only, but mask too small. Default node-mask", "10.0.0.16/29", nil, false}, + {"dual IPv4 only, but mask too small. Configured node-mask", "10.0.0.16/24", map[string]string{"node-cidr-mask-size-ipv4": "23"}, false}, + {"dual IPv6 only, but mask too small. Default node-mask", "2001:db8::1/112", nil, false}, + {"dual IPv6 only, but mask too small. Configured node-mask", "2001:db8::1/64", map[string]string{"node-cidr-mask-size-ipv6": "24"}, false}, + {"dual IPv6 only, but mask difference greater than 16. Default node-mask", "2001:db8::1/12", nil, false}, + {"dual IPv6 only, but mask difference greater than 16. Configured node-mask", "2001:db8::1/64", map[string]string{"node-cidr-mask-size-ipv6": "120"}, false}, + {"dual IPv4 only CIDR", "10.0.0.16/12", nil, true}, + {"dual IPv6 only CIDR", "2001:db8::/48", nil, true}, + {"dual, but IPv4 mask too small. Default node-mask", "10.0.0.16/29,2001:db8::/48", nil, false}, + {"dual, but IPv4 mask too small. Configured node-mask", "10.0.0.16/24,2001:db8::/48", map[string]string{"node-cidr-mask-size-ipv4": "23"}, false}, + {"dual, but IPv6 mask too small. Default node-mask", "2001:db8::1/112,10.0.0.16/16", nil, false}, + {"dual, but IPv6 mask too small. Configured node-mask", "10.0.0.16/16,2001:db8::1/64", map[string]string{"node-cidr-mask-size-ipv6": "24"}, false}, + {"dual, but mask difference greater than 16. Default node-mask", "2001:db8::1/12,10.0.0.16/16", nil, false}, + {"dual, but mask difference greater than 16. Configured node-mask", "10.0.0.16/16,2001:db8::1/64", map[string]string{"node-cidr-mask-size-ipv6": "120"}, false}, + {"dual IPv4 IPv6", "2001:db8::/48,10.0.0.16/12", nil, true}, + {"dual IPv6 IPv4", "2001:db8::/48,10.0.0.16/12", nil, true}, } for _, rt := range tests { cfg := &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: rt.checkDualStack}, ControllerManager: kubeadmapi.ControlPlaneComponent{ ExtraArgs: rt.cmExtraArgs, }, @@ -1138,66 +1114,14 @@ func TestGetClusterNodeMask(t *testing.T) { expectedError bool }{ { - name: "ipv4 default mask", - cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: false}, - }, - isIPv6: false, - expectedMask: 24, - }, - { - name: "ipv4 custom mask", - cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: false}, - ControllerManager: kubeadmapi.ControlPlaneComponent{ - ExtraArgs: map[string]string{"node-cidr-mask-size": "23"}, - }, - }, - isIPv6: false, - expectedMask: 23, - }, - { - name: "ipv4 wrong mask", - cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: false}, - ControllerManager: kubeadmapi.ControlPlaneComponent{ - ExtraArgs: map[string]string{"node-cidr-mask-size": "aa23"}, - }, - }, - isIPv6: false, - expectedError: true, - }, - { - name: "ipv6 default mask", - cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: false}, - }, - isIPv6: true, - expectedMask: 64, - }, - { - name: "ipv6 custom mask", - cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: false}, - ControllerManager: kubeadmapi.ControlPlaneComponent{ - ExtraArgs: map[string]string{"node-cidr-mask-size": "83"}, - }, - }, - isIPv6: true, - expectedMask: 83, - }, - { - name: "dual ipv4 default mask", - cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: true}, - }, + name: "dual ipv4 default mask", + cfg: &kubeadmapi.ClusterConfiguration{}, isIPv6: false, expectedMask: 24, }, { name: "dual ipv4 custom mask", cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: true}, ControllerManager: kubeadmapi.ControlPlaneComponent{ ExtraArgs: map[string]string{"node-cidr-mask-size": "21", "node-cidr-mask-size-ipv4": "23"}, }, @@ -1206,17 +1130,14 @@ func TestGetClusterNodeMask(t *testing.T) { expectedMask: 23, }, { - name: "dual ipv6 default mask", - cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: true}, - }, + name: "dual ipv6 default mask", + cfg: &kubeadmapi.ClusterConfiguration{}, isIPv6: true, expectedMask: 64, }, { name: "dual ipv6 custom mask", cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: true}, ControllerManager: kubeadmapi.ControlPlaneComponent{ ExtraArgs: map[string]string{"node-cidr-mask-size-ipv6": "83"}, }, @@ -1227,7 +1148,6 @@ func TestGetClusterNodeMask(t *testing.T) { { name: "dual ipv4 custom mask", cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: true}, ControllerManager: kubeadmapi.ControlPlaneComponent{ ExtraArgs: map[string]string{"node-cidr-mask-size-ipv4": "23"}, }, @@ -1238,7 +1158,6 @@ func TestGetClusterNodeMask(t *testing.T) { { name: "dual ipv4 wrong mask", cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: true}, ControllerManager: kubeadmapi.ControlPlaneComponent{ ExtraArgs: map[string]string{"node-cidr-mask-size-ipv4": "aa"}, }, @@ -1249,7 +1168,6 @@ func TestGetClusterNodeMask(t *testing.T) { { name: "dual ipv6 default mask and legacy flag", cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: true}, ControllerManager: kubeadmapi.ControlPlaneComponent{ ExtraArgs: map[string]string{"node-cidr-mask-size": "23"}, }, @@ -1260,7 +1178,6 @@ func TestGetClusterNodeMask(t *testing.T) { { name: "dual ipv6 custom mask and legacy flag", cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: true}, ControllerManager: kubeadmapi.ControlPlaneComponent{ ExtraArgs: map[string]string{"node-cidr-mask-size": "23", "node-cidr-mask-size-ipv6": "83"}, }, @@ -1271,7 +1188,6 @@ func TestGetClusterNodeMask(t *testing.T) { { name: "dual ipv6 custom mask and wrong flag", cfg: &kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{features.IPv6DualStack: true}, ControllerManager: kubeadmapi.ControlPlaneComponent{ ExtraArgs: map[string]string{"node-cidr-mask-size": "23", "node-cidr-mask-size-ipv6": "a83"}, }, diff --git a/cmd/kubeadm/app/cmd/init.go b/cmd/kubeadm/app/cmd/init.go index f010d565f72..89c46c672bd 100644 --- a/cmd/kubeadm/app/cmd/init.go +++ b/cmd/kubeadm/app/cmd/init.go @@ -525,7 +525,7 @@ func (d *initData) OutputWriter() io.Writer { func (d *initData) Client() (clientset.Interface, error) { if d.client == nil { if d.dryRun { - svcSubnetCIDR, err := kubeadmconstants.GetKubernetesServiceCIDR(d.cfg.Networking.ServiceSubnet, features.Enabled(d.cfg.FeatureGates, features.IPv6DualStack)) + svcSubnetCIDR, err := kubeadmconstants.GetKubernetesServiceCIDR(d.cfg.Networking.ServiceSubnet) if err != nil { return nil, errors.Wrapf(err, "unable to get internal Kubernetes Service IP from the given service CIDR (%s)", d.cfg.Networking.ServiceSubnet) } diff --git a/cmd/kubeadm/app/componentconfigs/kubelet.go b/cmd/kubeadm/app/componentconfigs/kubelet.go index 5a62f9ac933..9a042a3f575 100644 --- a/cmd/kubeadm/app/componentconfigs/kubelet.go +++ b/cmd/kubeadm/app/componentconfigs/kubelet.go @@ -28,7 +28,6 @@ import ( kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmapiv1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3" "k8s.io/kubernetes/cmd/kubeadm/app/constants" - "k8s.io/kubernetes/cmd/kubeadm/app/features" "k8s.io/kubernetes/cmd/kubeadm/app/util/initsystem" ) @@ -117,12 +116,6 @@ func (kc *kubeletConfig) Default(cfg *kubeadmapi.ClusterConfiguration, _ *kubead kc.config.FeatureGates = map[string]bool{} } - // TODO: The following code should be removed after dual-stack is GA. - // Note: The user still retains the ability to explicitly set feature-gates and that value will overwrite this base value. - if enabled, present := cfg.FeatureGates[features.IPv6DualStack]; present { - kc.config.FeatureGates[features.IPv6DualStack] = enabled - } - if kc.config.StaticPodPath == "" { kc.config.StaticPodPath = kubeadmapiv1.DefaultManifestsDir } else if kc.config.StaticPodPath != kubeadmapiv1.DefaultManifestsDir { @@ -130,7 +123,7 @@ func (kc *kubeletConfig) Default(cfg *kubeadmapi.ClusterConfiguration, _ *kubead } clusterDNS := "" - dnsIP, err := constants.GetDNSIP(cfg.Networking.ServiceSubnet, features.Enabled(cfg.FeatureGates, features.IPv6DualStack)) + dnsIP, err := constants.GetDNSIP(cfg.Networking.ServiceSubnet) if err != nil { clusterDNS = kubeadmapiv1.DefaultClusterDNSIP } else { diff --git a/cmd/kubeadm/app/componentconfigs/kubelet_test.go b/cmd/kubeadm/app/componentconfigs/kubelet_test.go index bed457ff97c..c8b28523887 100644 --- a/cmd/kubeadm/app/componentconfigs/kubelet_test.go +++ b/cmd/kubeadm/app/componentconfigs/kubelet_test.go @@ -34,7 +34,6 @@ import ( kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmapiv1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3" "k8s.io/kubernetes/cmd/kubeadm/app/constants" - "k8s.io/kubernetes/cmd/kubeadm/app/features" ) func testKubeletConfigMap(contents string) *v1.ConfigMap { @@ -125,60 +124,16 @@ func TestKubeletDefault(t *testing.T) { }, }, }, - { - name: "Service subnet, explicitly disabled dual stack defaulting works", - clusterCfg: kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{ - features.IPv6DualStack: false, - }, - Networking: kubeadmapi.Networking{ - ServiceSubnet: "192.168.0.0/16", - }, - }, - expected: kubeletConfig{ - config: kubeletconfig.KubeletConfiguration{ - FeatureGates: map[string]bool{ - features.IPv6DualStack: false, - }, - StaticPodPath: kubeadmapiv1.DefaultManifestsDir, - ClusterDNS: []string{"192.168.0.10"}, - Authentication: kubeletconfig.KubeletAuthentication{ - X509: kubeletconfig.KubeletX509Authentication{ - ClientCAFile: constants.CACertName, - }, - Anonymous: kubeletconfig.KubeletAnonymousAuthentication{ - Enabled: utilpointer.BoolPtr(kubeletAuthenticationAnonymousEnabled), - }, - Webhook: kubeletconfig.KubeletWebhookAuthentication{ - Enabled: utilpointer.BoolPtr(kubeletAuthenticationWebhookEnabled), - }, - }, - Authorization: kubeletconfig.KubeletAuthorization{ - Mode: kubeletconfig.KubeletAuthorizationModeWebhook, - }, - HealthzBindAddress: kubeletHealthzBindAddress, - HealthzPort: utilpointer.Int32Ptr(constants.KubeletHealthzPort), - RotateCertificates: kubeletRotateCertificates, - ResolverConfig: resolverConfig, - CgroupDriver: constants.CgroupDriverSystemd, - }, - }, - }, { name: "Service subnet, enabled dual stack defaulting works", clusterCfg: kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{ - features.IPv6DualStack: true, - }, Networking: kubeadmapi.Networking{ ServiceSubnet: "192.168.0.0/16", }, }, expected: kubeletConfig{ config: kubeletconfig.KubeletConfiguration{ - FeatureGates: map[string]bool{ - features.IPv6DualStack: true, - }, + FeatureGates: map[string]bool{}, StaticPodPath: kubeadmapiv1.DefaultManifestsDir, ClusterDNS: []string{"192.168.0.10"}, Authentication: kubeletconfig.KubeletAuthentication{ diff --git a/cmd/kubeadm/app/componentconfigs/kubeproxy.go b/cmd/kubeadm/app/componentconfigs/kubeproxy.go index 1036f77f5fe..aec7f35e769 100644 --- a/cmd/kubeadm/app/componentconfigs/kubeproxy.go +++ b/cmd/kubeadm/app/componentconfigs/kubeproxy.go @@ -24,7 +24,6 @@ import ( kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmapiv1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3" kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" - "k8s.io/kubernetes/cmd/kubeadm/app/features" ) const ( @@ -118,10 +117,4 @@ func (kp *kubeProxyConfig) Default(cfg *kubeadmapi.ClusterConfiguration, localAP } else if kp.config.ClientConnection.Kubeconfig != kubeproxyKubeConfigFileName { warnDefaultComponentConfigValue(kind, "clientConnection.kubeconfig", kubeproxyKubeConfigFileName, kp.config.ClientConnection.Kubeconfig) } - - // TODO: The following code should be removed after dual-stack is GA. - // Note: The user still retains the ability to explicitly set feature-gates and that value will overwrite this base value. - if enabled, present := cfg.FeatureGates[features.IPv6DualStack]; present { - kp.config.FeatureGates[features.IPv6DualStack] = enabled - } } diff --git a/cmd/kubeadm/app/componentconfigs/kubeproxy_test.go b/cmd/kubeadm/app/componentconfigs/kubeproxy_test.go index 63bd5be2ad1..eb9cb39c18c 100644 --- a/cmd/kubeadm/app/componentconfigs/kubeproxy_test.go +++ b/cmd/kubeadm/app/componentconfigs/kubeproxy_test.go @@ -33,7 +33,6 @@ import ( kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmapiv1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3" "k8s.io/kubernetes/cmd/kubeadm/app/constants" - "k8s.io/kubernetes/cmd/kubeadm/app/features" ) func testKubeProxyConfigMap(contents string) *v1.ConfigMap { @@ -104,46 +103,6 @@ func TestKubeProxyDefault(t *testing.T) { }, }, }, - { - name: "IPv6DualStack feature gate set to true", - clusterCfg: kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{ - features.IPv6DualStack: true, - }, - }, - endpoint: kubeadmapi.APIEndpoint{}, - expected: kubeProxyConfig{ - config: kubeproxyconfig.KubeProxyConfiguration{ - FeatureGates: map[string]bool{ - features.IPv6DualStack: true, - }, - BindAddress: kubeadmapiv1.DefaultProxyBindAddressv6, - ClientConnection: componentbaseconfig.ClientConnectionConfiguration{ - Kubeconfig: kubeproxyKubeConfigFileName, - }, - }, - }, - }, - { - name: "IPv6DualStack feature gate set to false", - clusterCfg: kubeadmapi.ClusterConfiguration{ - FeatureGates: map[string]bool{ - features.IPv6DualStack: false, - }, - }, - endpoint: kubeadmapi.APIEndpoint{}, - expected: kubeProxyConfig{ - config: kubeproxyconfig.KubeProxyConfiguration{ - FeatureGates: map[string]bool{ - features.IPv6DualStack: false, - }, - BindAddress: kubeadmapiv1.DefaultProxyBindAddressv6, - ClientConnection: componentbaseconfig.ClientConnectionConfiguration{ - Kubeconfig: kubeproxyKubeConfigFileName, - }, - }, - }, - }, } for _, test := range tests { diff --git a/cmd/kubeadm/app/constants/constants.go b/cmd/kubeadm/app/constants/constants.go index 57550e32d3d..52a98897a88 100644 --- a/cmd/kubeadm/app/constants/constants.go +++ b/cmd/kubeadm/app/constants/constants.go @@ -627,9 +627,9 @@ func CreateTimestampDirForKubeadm(kubernetesDir, dirName string) (string, error) } // GetDNSIP returns a dnsIP, which is 10th IP in svcSubnet CIDR range -func GetDNSIP(svcSubnetList string, isDualStack bool) (net.IP, error) { +func GetDNSIP(svcSubnetList string) (net.IP, error) { // Get the service subnet CIDR - svcSubnetCIDR, err := GetKubernetesServiceCIDR(svcSubnetList, isDualStack) + svcSubnetCIDR, err := GetKubernetesServiceCIDR(svcSubnetList) if err != nil { return nil, errors.Wrapf(err, "unable to get internal Kubernetes Service IP from the given service CIDR (%s)", svcSubnetList) } @@ -644,31 +644,23 @@ func GetDNSIP(svcSubnetList string, isDualStack bool) (net.IP, error) { } // GetKubernetesServiceCIDR returns the default Service CIDR for the Kubernetes internal service -func GetKubernetesServiceCIDR(svcSubnetList string, isDualStack bool) (*net.IPNet, error) { - if isDualStack { - // The default service address family for the cluster is the address family of the first - // service cluster IP range configured via the `--service-cluster-ip-range` flag - // of the kube-controller-manager and kube-apiserver. - svcSubnets, err := netutils.ParseCIDRs(strings.Split(svcSubnetList, ",")) - if err != nil { - return nil, errors.Wrapf(err, "unable to parse ServiceSubnet %v", svcSubnetList) - } - if len(svcSubnets) == 0 { - return nil, errors.New("received empty ServiceSubnet for dual-stack") - } - return svcSubnets[0], nil - } - // internal IP address for the API server - _, svcSubnet, err := netutils.ParseCIDRSloppy(svcSubnetList) +func GetKubernetesServiceCIDR(svcSubnetList string) (*net.IPNet, error) { + // The default service address family for the cluster is the address family of the first + // service cluster IP range configured via the `--service-cluster-ip-range` flag + // of the kube-controller-manager and kube-apiserver. + svcSubnets, err := netutils.ParseCIDRs(strings.Split(svcSubnetList, ",")) if err != nil { return nil, errors.Wrapf(err, "unable to parse ServiceSubnet %v", svcSubnetList) } - return svcSubnet, nil + if len(svcSubnets) == 0 { + return nil, errors.New("received empty ServiceSubnet") + } + return svcSubnets[0], nil } // GetAPIServerVirtualIP returns the IP of the internal Kubernetes API service -func GetAPIServerVirtualIP(svcSubnetList string, isDualStack bool) (net.IP, error) { - svcSubnet, err := GetKubernetesServiceCIDR(svcSubnetList, isDualStack) +func GetAPIServerVirtualIP(svcSubnetList string) (net.IP, error) { + svcSubnet, err := GetKubernetesServiceCIDR(svcSubnetList) if err != nil { return nil, errors.Wrap(err, "unable to get internal Kubernetes Service IP from the given service CIDR") } diff --git a/cmd/kubeadm/app/constants/constants_test.go b/cmd/kubeadm/app/constants/constants_test.go index 811fd006ef3..97046c592a3 100644 --- a/cmd/kubeadm/app/constants/constants_test.go +++ b/cmd/kubeadm/app/constants/constants_test.go @@ -182,35 +182,30 @@ func TestGetKubernetesServiceCIDR(t *testing.T) { }{ { svcSubnetList: "192.168.10.0/24", - isDualStack: false, expected: "192.168.10.0/24", expectedError: false, name: "valid: valid IPv4 range from single-stack", }, { svcSubnetList: "fd03::/112", - isDualStack: false, expected: "fd03::/112", expectedError: false, name: "valid: valid IPv6 range from single-stack", }, { svcSubnetList: "192.168.10.0/24,fd03::/112", - isDualStack: true, expected: "192.168.10.0/24", expectedError: false, name: "valid: valid ranges from dual-stack", }, { svcSubnetList: "fd03::/112,192.168.10.0/24", - isDualStack: true, expected: "fd03::/112", expectedError: false, name: "valid: valid ranges from dual-stack", }, { svcSubnetList: "192.168.10.0/24,fd03:x::/112", - isDualStack: true, expected: "", expectedError: true, name: "invalid: failed to parse subnet range for dual-stack", @@ -219,7 +214,7 @@ func TestGetKubernetesServiceCIDR(t *testing.T) { for _, rt := range tests { t.Run(rt.name, func(t *testing.T) { - actual, actualError := GetKubernetesServiceCIDR(rt.svcSubnetList, rt.isDualStack) + actual, actualError := GetKubernetesServiceCIDR(rt.svcSubnetList) if rt.expectedError { if actualError == nil { t.Errorf("failed GetKubernetesServiceCIDR:\n\texpected error, but got no error") diff --git a/cmd/kubeadm/app/phases/addons/dns/dns.go b/cmd/kubeadm/app/phases/addons/dns/dns.go index c4989818f66..1ade9cb3a34 100644 --- a/cmd/kubeadm/app/phases/addons/dns/dns.go +++ b/cmd/kubeadm/app/phases/addons/dns/dns.go @@ -37,7 +37,6 @@ import ( kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" - "k8s.io/kubernetes/cmd/kubeadm/app/features" "k8s.io/kubernetes/cmd/kubeadm/app/images" kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util" "k8s.io/kubernetes/cmd/kubeadm/app/util/apiclient" @@ -120,7 +119,7 @@ func coreDNSAddon(cfg *kubeadmapi.ClusterConfiguration, client clientset.Interfa return errors.Wrap(err, "error when parsing CoreDNS configMap template") } - dnsip, err := kubeadmconstants.GetDNSIP(cfg.Networking.ServiceSubnet, features.Enabled(cfg.FeatureGates, features.IPv6DualStack)) + dnsip, err := kubeadmconstants.GetDNSIP(cfg.Networking.ServiceSubnet) if err != nil { return err } diff --git a/cmd/kubeadm/app/phases/addons/dns/dns_test.go b/cmd/kubeadm/app/phases/addons/dns/dns_test.go index d645f48ac57..f99faa6501f 100644 --- a/cmd/kubeadm/app/phases/addons/dns/dns_test.go +++ b/cmd/kubeadm/app/phases/addons/dns/dns_test.go @@ -80,30 +80,26 @@ func TestGetDNSIP(t *testing.T) { name: "subnet mask 12", svcSubnet: "10.96.0.0/12", expectedDNSIP: "10.96.0.10", - isDualStack: false, }, { name: "subnet mask 26", svcSubnet: "10.87.116.64/26", expectedDNSIP: "10.87.116.74", - isDualStack: false, }, { name: "dual-stack ipv4 primary, subnet mask 26", svcSubnet: "10.87.116.64/26,fd03::/112", expectedDNSIP: "10.87.116.74", - isDualStack: true, }, { name: "dual-stack ipv6 primary, subnet mask 112", svcSubnet: "fd03::/112,10.87.116.64/26", expectedDNSIP: "fd03::a", - isDualStack: true, }, } for _, rt := range tests { t.Run(rt.name, func(t *testing.T) { - dnsIP, err := kubeadmconstants.GetDNSIP(rt.svcSubnet, rt.isDualStack) + dnsIP, err := kubeadmconstants.GetDNSIP(rt.svcSubnet) if err != nil { t.Fatalf("couldn't get dnsIP : %v", err) } diff --git a/cmd/kubeadm/app/phases/controlplane/manifests.go b/cmd/kubeadm/app/phases/controlplane/manifests.go index d7d8c98a153..eb02a8af974 100644 --- a/cmd/kubeadm/app/phases/controlplane/manifests.go +++ b/cmd/kubeadm/app/phases/controlplane/manifests.go @@ -220,12 +220,6 @@ func getAPIServerCommand(cfg *kubeadmapi.ClusterConfiguration, localAPIEndpoint } } - // TODO: The following code should be removed after dual-stack is GA. - // Note: The user still retains the ability to explicitly set feature-gates and that value will overwrite this base value. - if enabled, present := cfg.FeatureGates[features.IPv6DualStack]; present { - defaultArguments["feature-gates"] = fmt.Sprintf("%s=%t", features.IPv6DualStack, enabled) - } - if cfg.APIServer.ExtraArgs == nil { cfg.APIServer.ExtraArgs = map[string]string{} } @@ -343,13 +337,6 @@ func getControllerManagerCommand(cfg *kubeadmapi.ClusterConfiguration) []string defaultArguments["cluster-name"] = cfg.ClusterName } - // TODO: The following code should be remvoved after dual-stack is GA. - // Note: The user still retains the ability to explicitly set feature-gates and that value will overwrite this base value. - enabled, present := cfg.FeatureGates[features.IPv6DualStack] - if present { - defaultArguments["feature-gates"] = fmt.Sprintf("%s=%t", features.IPv6DualStack, enabled) - } - command := []string{"kube-controller-manager"} command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.ControllerManager.ExtraArgs)...) @@ -367,12 +354,6 @@ func getSchedulerCommand(cfg *kubeadmapi.ClusterConfiguration) []string { "authorization-kubeconfig": kubeconfigFile, } - // TODO: The following code should be remvoved after dual-stack is GA. - // Note: The user still retains the ability to explicitly set feature-gates and that value will overwrite this base value. - if enabled, present := cfg.FeatureGates[features.IPv6DualStack]; present { - defaultArguments["feature-gates"] = fmt.Sprintf("%s=%t", features.IPv6DualStack, enabled) - } - command := []string{"kube-scheduler"} command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.Scheduler.ExtraArgs)...) return command diff --git a/cmd/kubeadm/app/phases/controlplane/manifests_test.go b/cmd/kubeadm/app/phases/controlplane/manifests_test.go index 143827fe47a..e548a4804a1 100644 --- a/cmd/kubeadm/app/phases/controlplane/manifests_test.go +++ b/cmd/kubeadm/app/phases/controlplane/manifests_test.go @@ -32,7 +32,6 @@ import ( kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" - "k8s.io/kubernetes/cmd/kubeadm/app/features" "k8s.io/kubernetes/cmd/kubeadm/app/phases/certs" pkiutiltesting "k8s.io/kubernetes/cmd/kubeadm/app/util/pkiutil/testing" staticpodutil "k8s.io/kubernetes/cmd/kubeadm/app/util/staticpod" @@ -546,7 +545,6 @@ func TestGetControllerManagerCommand(t *testing.T) { KubernetesVersion: cpVersion, CertificatesDir: testCertsDir, ClusterName: "some-other-cluster-name", - FeatureGates: map[string]bool{features.IPv6DualStack: false}, }, expected: []string{ "kube-controller-manager", @@ -563,7 +561,6 @@ func TestGetControllerManagerCommand(t *testing.T) { "--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--client-ca-file=" + testCertsDir + "/ca.crt", "--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", - "--feature-gates=IPv6DualStack=false", "--cluster-name=some-other-cluster-name", }, }, @@ -626,7 +623,6 @@ func TestGetControllerManagerCommand(t *testing.T) { }, CertificatesDir: testCertsDir, KubernetesVersion: cpVersion, - FeatureGates: map[string]bool{features.IPv6DualStack: false}, }, expected: []string{ "kube-controller-manager", @@ -643,7 +639,6 @@ func TestGetControllerManagerCommand(t *testing.T) { "--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--client-ca-file=" + testCertsDir + "/ca.crt", "--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", - "--feature-gates=IPv6DualStack=false", "--allocate-node-cidrs=true", "--cluster-cidr=10.0.1.15/16", "--service-cluster-ip-range=172.20.0.0/24", @@ -755,7 +750,6 @@ func TestGetControllerManagerCommand(t *testing.T) { }, CertificatesDir: testCertsDir, KubernetesVersion: cpVersion, - FeatureGates: map[string]bool{features.IPv6DualStack: true}, }, expected: []string{ "kube-controller-manager", @@ -772,7 +766,6 @@ func TestGetControllerManagerCommand(t *testing.T) { "--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--client-ca-file=" + testCertsDir + "/ca.crt", "--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", - "--feature-gates=IPv6DualStack=true", "--allocate-node-cidrs=true", "--cluster-cidr=2001:db8::/64,10.1.0.0/16", "--service-cluster-ip-range=fd03::/112,192.168.0.0/16", diff --git a/cmd/kubeadm/app/util/pkiutil/pki_helpers.go b/cmd/kubeadm/app/util/pkiutil/pki_helpers.go index d9bcd7ad8e7..9628aa78a5c 100644 --- a/cmd/kubeadm/app/util/pkiutil/pki_helpers.go +++ b/cmd/kubeadm/app/util/pkiutil/pki_helpers.go @@ -45,7 +45,6 @@ import ( kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" - "k8s.io/kubernetes/cmd/kubeadm/app/features" kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util" ) @@ -424,7 +423,7 @@ func GetAPIServerAltNames(cfg *kubeadmapi.InitConfiguration) (*certutil.AltNames cfg.LocalAPIEndpoint.AdvertiseAddress) } - internalAPIServerVirtualIP, err := kubeadmconstants.GetAPIServerVirtualIP(cfg.Networking.ServiceSubnet, features.Enabled(cfg.FeatureGates, features.IPv6DualStack)) + internalAPIServerVirtualIP, err := kubeadmconstants.GetAPIServerVirtualIP(cfg.Networking.ServiceSubnet) if err != nil { return nil, errors.Wrapf(err, "unable to get first IP address from the given CIDR: %v", cfg.Networking.ServiceSubnet) } diff --git a/cmd/kubeadm/test/cmd/init_test.go b/cmd/kubeadm/test/cmd/init_test.go index 19e85b4324a..40a5f2794f0 100644 --- a/cmd/kubeadm/test/cmd/init_test.go +++ b/cmd/kubeadm/test/cmd/init_test.go @@ -265,8 +265,8 @@ func TestCmdInitFeatureGates(t *testing.T) { args: "", }, { - name: "feature gate IPv6DualStack=false", - args: "--feature-gates=IPv6DualStack=false", + name: "feature gate IPv6DualStack=true", + args: "--feature-gates=IPv6DualStack=true", }, { name: "feature gate PublicKeysECDSA=true",