From fb94f441ce2893022bec682218f8fac7a331907b Mon Sep 17 00:00:00 2001 From: Yu-Ju Hong Date: Mon, 13 Feb 2017 17:59:26 -0800 Subject: [PATCH] Set EnableCRI to true by default This change makes kubelet to use the CRI implementation by default, unless the users opt out explicitly by using --enable-cri=false. For the rkt integration, the --enable-cri flag will have no effect since rktnetes does not use CRI. Also, mark the original --experimental-cri flag hidden and deprecated, so that we can remove it in the next release. --- cmd/kubelet/app/options/options.go | 14 +++++++++++--- hack/verify-flags/known-flags.txt | 1 + pkg/apis/componentconfig/v1alpha1/defaults.go | 3 +++ pkg/apis/componentconfig/v1alpha1/types.go | 2 +- .../v1alpha1/zz_generated.conversion.go | 8 ++++++-- .../v1alpha1/zz_generated.deepcopy.go | 5 +++++ pkg/kubelet/kubelet.go | 3 ++- 7 files changed, 29 insertions(+), 7 deletions(-) diff --git a/cmd/kubelet/app/options/options.go b/cmd/kubelet/app/options/options.go index a5126d68026..dd1bf8097da 100644 --- a/cmd/kubelet/app/options/options.go +++ b/cmd/kubelet/app/options/options.go @@ -247,9 +247,17 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) { fs.BoolVar(&s.KeepTerminatedPodVolumes, "keep-terminated-pod-volumes", s.KeepTerminatedPodVolumes, "Keep terminated pod volumes mounted to the node after the pod terminates. Can be useful for debugging volume related issues.") // CRI flags. - fs.BoolVar(&s.EnableCRI, "experimental-cri", s.EnableCRI, "[Experimental] Enable the Container Runtime Interface (CRI) integration. If --container-runtime is set to \"remote\", Kubelet will communicate with the runtime/image CRI server listening on the endpoint specified by --remote-runtime-endpoint/--remote-image-endpoint. If --container-runtime is set to \"docker\", Kubelet will launch a in-process CRI server on behalf of docker, and communicate over a default endpoint.") - fs.StringVar(&s.RemoteRuntimeEndpoint, "container-runtime-endpoint", s.RemoteRuntimeEndpoint, "[Experimental] The unix socket endpoint of remote runtime service. The endpoint is used only when CRI integration is enabled (--experimental-cri)") - fs.StringVar(&s.RemoteImageEndpoint, "image-service-endpoint", s.RemoteImageEndpoint, "[Experimental] The unix socket endpoint of remote image service. If not specified, it will be the same with container-runtime-endpoint by default. The endpoint is used only when CRI integration is enabled (--experimental-cri)") + // TODO: Remove experimental-cri in kubernetes 1.7. + fs.BoolVar(&s.EnableCRI, "experimental-cri", s.EnableCRI, "Same as --enable-cri. [default=true]") + fs.MarkDeprecated("experimental-cri", "Please use --enable-cri instead.") + fs.MarkHidden("experimental-cri") + // TODO: Remove enable-cri once we stop supporting the non-cri + // implementation. + fs.BoolVar(&s.EnableCRI, "enable-cri", s.EnableCRI, "Enable the Container Runtime Interface (CRI) integration. If --container-runtime is set to \"remote\", Kubelet will communicate with the runtime/image CRI server listening on the endpoint specified by --remote-runtime-endpoint/--remote-image-endpoint. If --container-runtime is set to \"docker\", Kubelet will launch a in-process CRI server on behalf of docker, and communicate over a default endpoint. If --container-runtime is \"rkt\", the flag will be ignored because rkt integration doesn't support CRI yet. [default=true]") + fs.MarkDeprecated("enable-cri", "The non-CRI implementation will be deprecated and removed in a future version.") + + fs.StringVar(&s.RemoteRuntimeEndpoint, "container-runtime-endpoint", s.RemoteRuntimeEndpoint, "[Experimental] The unix socket endpoint of remote runtime service. The endpoint is used only when CRI integration is enabled (--enable-cri)") + fs.StringVar(&s.RemoteImageEndpoint, "image-service-endpoint", s.RemoteImageEndpoint, "[Experimental] The unix socket endpoint of remote image service. If not specified, it will be the same with container-runtime-endpoint by default. The endpoint is used only when CRI integration is enabled (--enable-cri)") fs.BoolVar(&s.ExperimentalCheckNodeCapabilitiesBeforeMount, "experimental-check-node-capabilities-before-mount", s.ExperimentalCheckNodeCapabilitiesBeforeMount, "[Experimental] if set true, the kubelet will check the underlying node for required componenets (binaries, etc.) before performing the mount") } diff --git a/hack/verify-flags/known-flags.txt b/hack/verify-flags/known-flags.txt index ba2e6642899..575fad0db84 100644 --- a/hack/verify-flags/known-flags.txt +++ b/hack/verify-flags/known-flags.txt @@ -161,6 +161,7 @@ duration-sec e2e-output-dir e2e-verify-service-account enable-controller-attach-detach +enable-cri enable-custom-metrics enable-debugging-handlers enable-dynamic-provisioning diff --git a/pkg/apis/componentconfig/v1alpha1/defaults.go b/pkg/apis/componentconfig/v1alpha1/defaults.go index a79202fca26..9b9f63167a8 100644 --- a/pkg/apis/componentconfig/v1alpha1/defaults.go +++ b/pkg/apis/componentconfig/v1alpha1/defaults.go @@ -411,6 +411,9 @@ func SetDefaults_KubeletConfiguration(obj *KubeletConfiguration) { } } } + if obj.EnableCRI == nil { + obj.EnableCRI = boolVar(true) + } } func boolVar(b bool) *bool { diff --git a/pkg/apis/componentconfig/v1alpha1/types.go b/pkg/apis/componentconfig/v1alpha1/types.go index 101cd370fc1..63aed3ec429 100644 --- a/pkg/apis/componentconfig/v1alpha1/types.go +++ b/pkg/apis/componentconfig/v1alpha1/types.go @@ -511,7 +511,7 @@ type KubeletConfiguration struct { FeatureGates string `json:"featureGates,omitempty"` // Enable Container Runtime Interface (CRI) integration. // +optional - EnableCRI bool `json:"enableCRI,omitempty"` + EnableCRI *bool `json:"enableCRI,omitempty"` // TODO(#34726:1.8.0): Remove the opt-in for failing when swap is enabled. // Tells the Kubelet to fail to start if swap is enabled on the node. ExperimentalFailSwapOn bool `json:"experimentalFailSwapOn,omitempty"` diff --git a/pkg/apis/componentconfig/v1alpha1/zz_generated.conversion.go b/pkg/apis/componentconfig/v1alpha1/zz_generated.conversion.go index 112116f4c6b..39f6b91945e 100644 --- a/pkg/apis/componentconfig/v1alpha1/zz_generated.conversion.go +++ b/pkg/apis/componentconfig/v1alpha1/zz_generated.conversion.go @@ -410,7 +410,9 @@ func autoConvert_v1alpha1_KubeletConfiguration_To_componentconfig_KubeletConfigu } out.AllowedUnsafeSysctls = *(*[]string)(unsafe.Pointer(&in.AllowedUnsafeSysctls)) out.FeatureGates = in.FeatureGates - out.EnableCRI = in.EnableCRI + if err := v1.Convert_Pointer_bool_To_bool(&in.EnableCRI, &out.EnableCRI, s); err != nil { + return err + } out.ExperimentalFailSwapOn = in.ExperimentalFailSwapOn out.ExperimentalCheckNodeCapabilitiesBeforeMount = in.ExperimentalCheckNodeCapabilitiesBeforeMount out.KeepTerminatedPodVolumes = in.KeepTerminatedPodVolumes @@ -582,7 +584,9 @@ func autoConvert_componentconfig_KubeletConfiguration_To_v1alpha1_KubeletConfigu } out.AllowedUnsafeSysctls = *(*[]string)(unsafe.Pointer(&in.AllowedUnsafeSysctls)) out.FeatureGates = in.FeatureGates - out.EnableCRI = in.EnableCRI + if err := v1.Convert_bool_To_Pointer_bool(&in.EnableCRI, &out.EnableCRI, s); err != nil { + return err + } out.ExperimentalFailSwapOn = in.ExperimentalFailSwapOn out.ExperimentalCheckNodeCapabilitiesBeforeMount = in.ExperimentalCheckNodeCapabilitiesBeforeMount out.KeepTerminatedPodVolumes = in.KeepTerminatedPodVolumes diff --git a/pkg/apis/componentconfig/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/componentconfig/v1alpha1/zz_generated.deepcopy.go index 47612e1796b..f13e67214b2 100644 --- a/pkg/apis/componentconfig/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/componentconfig/v1alpha1/zz_generated.deepcopy.go @@ -295,6 +295,11 @@ func DeepCopy_v1alpha1_KubeletConfiguration(in interface{}, out interface{}, c * *out = make([]string, len(*in)) copy(*out, *in) } + if in.EnableCRI != nil { + in, out := &in.EnableCRI, &out.EnableCRI + *out = new(bool) + **out = **in + } return nil } } diff --git a/pkg/kubelet/kubelet.go b/pkg/kubelet/kubelet.go index 654728be670..50e9e5a1c19 100644 --- a/pkg/kubelet/kubelet.go +++ b/pkg/kubelet/kubelet.go @@ -532,7 +532,8 @@ func NewMainKubelet(kubeCfg *componentconfig.KubeletConfiguration, kubeDeps *Kub var nl *noOpLegacyHost pluginSettings.LegacyRuntimeHost = nl - if kubeCfg.EnableCRI { + // rktnetes cannot be run with CRI. + if kubeCfg.ContainerRuntime != "rkt" && kubeCfg.EnableCRI { // kubelet defers to the runtime shim to setup networking. Setting // this to nil will prevent it from trying to invoke the plugin. // It's easier to always probe and initialize plugins till cri