From 07ffd665a7dd014be1b3f4e8fb23bae751d1db32 Mon Sep 17 00:00:00 2001 From: Ciprian Hacman Date: Sat, 12 Sep 2020 08:08:00 +0300 Subject: [PATCH] Allow container runtime to run before BootstrapKubeconfig --- nodeup/pkg/model/kube_proxy.go | 9 ++++---- nodeup/pkg/model/kubelet.go | 14 ++++++++----- nodeup/pkg/model/networking/kube_router.go | 9 ++++---- nodeup/pkg/model/node_authorizer.go | 2 +- .../golden/minimal/tasks-kube-proxy.yaml | 2 ++ .../side-loading/tasks-kube-proxy-amd64.yaml | 2 ++ .../side-loading/tasks-kube-proxy-arm64.yaml | 2 ++ upup/pkg/fi/nodeup/nodetasks/file.go | 4 +++- upup/pkg/fi/nodeup/nodetasks/load_image.go | 5 ----- upup/pkg/fi/nodeup/nodetasks/service.go | 21 ++++++++++++++++--- 10 files changed, 47 insertions(+), 23 deletions(-) diff --git a/nodeup/pkg/model/kube_proxy.go b/nodeup/pkg/model/kube_proxy.go index 0c959714d4..aca6efd03f 100644 --- a/nodeup/pkg/model/kube_proxy.go +++ b/nodeup/pkg/model/kube_proxy.go @@ -93,10 +93,11 @@ func (b *KubeProxyBuilder) Build(c *fi.ModelBuilderContext) error { } c.AddTask(&nodetasks.File{ - Path: "/var/lib/kube-proxy/kubeconfig", - Contents: kubeconfig, - Type: nodetasks.FileType_File, - Mode: s("0400"), + Path: "/var/lib/kube-proxy/kubeconfig", + Contents: kubeconfig, + Type: nodetasks.FileType_File, + Mode: s("0400"), + BeforeServices: []string{kubeletService}, }) } diff --git a/nodeup/pkg/model/kubelet.go b/nodeup/pkg/model/kubelet.go index d2de7e055b..06252cde9c 100644 --- a/nodeup/pkg/model/kubelet.go +++ b/nodeup/pkg/model/kubelet.go @@ -42,6 +42,9 @@ import ( const ( // containerizedMounterHome is the path where we install the containerized mounter (on ContainerOS) containerizedMounterHome = "/home/kubernetes/containerized_mounter" + + // kubeletService is the name of the kubelet service + kubeletService = "kubelet.service" ) // KubeletBuilder installs kubelet @@ -118,10 +121,11 @@ func (b *KubeletBuilder) Build(c *fi.ModelBuilderContext) error { } c.AddTask(&nodetasks.File{ - Path: b.KubeletKubeConfig(), - Contents: kubeconfig, - Type: nodetasks.FileType_File, - Mode: s("0400"), + Path: b.KubeletKubeConfig(), + Contents: kubeconfig, + Type: nodetasks.FileType_File, + Mode: s("0400"), + BeforeServices: []string{kubeletService}, }) } } @@ -272,7 +276,7 @@ func (b *KubeletBuilder) buildSystemdService() *nodetasks.Service { klog.V(8).Infof("Built service manifest %q\n%s", "kubelet", manifestString) service := &nodetasks.Service{ - Name: "kubelet.service", + Name: kubeletService, Definition: s(manifestString), } diff --git a/nodeup/pkg/model/networking/kube_router.go b/nodeup/pkg/model/networking/kube_router.go index 2700808880..c000df7092 100644 --- a/nodeup/pkg/model/networking/kube_router.go +++ b/nodeup/pkg/model/networking/kube_router.go @@ -51,10 +51,11 @@ func (b *KuberouterBuilder) Build(c *fi.ModelBuilderContext) error { } c.AddTask(&nodetasks.File{ - Path: "/var/lib/kube-router/kubeconfig", - Contents: kubeconfig, - Type: nodetasks.FileType_File, - Mode: fi.String("0400"), + Path: "/var/lib/kube-router/kubeconfig", + Contents: kubeconfig, + Type: nodetasks.FileType_File, + Mode: fi.String("0400"), + BeforeServices: []string{"kubelet.service"}, }) return nil diff --git a/nodeup/pkg/model/node_authorizer.go b/nodeup/pkg/model/node_authorizer.go index 1bbceff779..471bfc9706 100644 --- a/nodeup/pkg/model/node_authorizer.go +++ b/nodeup/pkg/model/node_authorizer.go @@ -77,7 +77,7 @@ func (b *NodeAuthorizationBuilder) Build(c *fi.ModelBuilderContext) error { man := &systemd.Manifest{} man.Set("Unit", "Description", "Node Authorization Client") man.Set("Unit", "Documentation", "https://github.com/kubernetes/kops") - man.Set("Unit", "Before", "kubelet.service") + man.Set("Unit", "Before", kubeletService) switch b.Cluster.Spec.ContainerRuntime { case "docker": man.Set("Unit", "After", "docker.service") diff --git a/nodeup/pkg/model/tests/golden/minimal/tasks-kube-proxy.yaml b/nodeup/pkg/model/tests/golden/minimal/tasks-kube-proxy.yaml index f382a7f03c..6b635eee85 100644 --- a/nodeup/pkg/model/tests/golden/minimal/tasks-kube-proxy.yaml +++ b/nodeup/pkg/model/tests/golden/minimal/tasks-kube-proxy.yaml @@ -72,6 +72,8 @@ contents: | path: /etc/kubernetes/manifests/kube-proxy.manifest type: file --- +beforeServices: +- kubelet.service contents: task: CA: diff --git a/nodeup/pkg/model/tests/golden/side-loading/tasks-kube-proxy-amd64.yaml b/nodeup/pkg/model/tests/golden/side-loading/tasks-kube-proxy-amd64.yaml index 6b7f2e0e1e..a9eb8e15e7 100644 --- a/nodeup/pkg/model/tests/golden/side-loading/tasks-kube-proxy-amd64.yaml +++ b/nodeup/pkg/model/tests/golden/side-loading/tasks-kube-proxy-amd64.yaml @@ -72,6 +72,8 @@ contents: | path: /etc/kubernetes/manifests/kube-proxy.manifest type: file --- +beforeServices: +- kubelet.service contents: task: CA: diff --git a/nodeup/pkg/model/tests/golden/side-loading/tasks-kube-proxy-arm64.yaml b/nodeup/pkg/model/tests/golden/side-loading/tasks-kube-proxy-arm64.yaml index 0a824f74b4..12bfd470ae 100644 --- a/nodeup/pkg/model/tests/golden/side-loading/tasks-kube-proxy-arm64.yaml +++ b/nodeup/pkg/model/tests/golden/side-loading/tasks-kube-proxy-arm64.yaml @@ -72,6 +72,8 @@ contents: | path: /etc/kubernetes/manifests/kube-proxy.manifest type: file --- +beforeServices: +- kubelet.service contents: task: CA: diff --git a/upup/pkg/fi/nodeup/nodetasks/file.go b/upup/pkg/fi/nodeup/nodetasks/file.go index 574ccb976d..d6fab0a7fc 100644 --- a/upup/pkg/fi/nodeup/nodetasks/file.go +++ b/upup/pkg/fi/nodeup/nodetasks/file.go @@ -41,7 +41,8 @@ const ( ) type File struct { - AfterFiles []string `json:"afterfiles,omitempty"` + AfterFiles []string `json:"afterFiles,omitempty"` + BeforeServices []string `json:"beforeServices,omitempty"` Contents fi.Resource `json:"contents,omitempty"` Group *string `json:"group,omitempty"` IfNotExists bool `json:"ifNotExists,omitempty"` @@ -60,6 +61,7 @@ var _ fi.HasName = &File{} // GetDependencies implements HasDependencies::GetDependencies func (e *File) GetDependencies(tasks map[string]fi.Task) []fi.Task { var deps []fi.Task + if e.Owner != nil { ownerTask := tasks["UserTask/"+*e.Owner] if ownerTask == nil { diff --git a/upup/pkg/fi/nodeup/nodetasks/load_image.go b/upup/pkg/fi/nodeup/nodetasks/load_image.go index 5416993e49..54364d92fa 100644 --- a/upup/pkg/fi/nodeup/nodetasks/load_image.go +++ b/upup/pkg/fi/nodeup/nodetasks/load_image.go @@ -33,11 +33,6 @@ import ( "k8s.io/kops/util/pkg/hashing" ) -const ( - containerdService = "containerd.service" - dockerService = "docker.service" -) - // LoadImageTask is responsible for downloading a docker image type LoadImageTask struct { Name string diff --git a/upup/pkg/fi/nodeup/nodetasks/service.go b/upup/pkg/fi/nodeup/nodetasks/service.go index 2165097a4f..a7a1e50fc5 100644 --- a/upup/pkg/fi/nodeup/nodetasks/service.go +++ b/upup/pkg/fi/nodeup/nodetasks/service.go @@ -43,6 +43,11 @@ const ( flatcarSystemdSystemPath = "/etc/systemd/system" containerosSystemdSystemPath = "/etc/systemd/system" + + containerdService = "containerd.service" + dockerService = "docker.service" + kubeletService = "kubelet.service" + protokubeService = "protokube.service" ) type Service struct { @@ -67,11 +72,21 @@ func (p *Service) GetDependencies(tasks map[string]fi.Task) []fi.Task { // LoadImageTask or IssueCert. If there are any LoadImageTasks (e.g. we're // launching a custom Kubernetes build), they all depend on // the "docker.service" Service task. - switch v.(type) { - case *File, *Package, *UpdatePackages, *UserTask, *GroupTask, *Chattr, *BindMount, *Archive: + switch v := v.(type) { + case *Package, *UpdatePackages, *UserTask, *GroupTask, *Chattr, *BindMount, *Archive: deps = append(deps, v) - case *Service, *LoadImageTask, *IssueCert: + case *Service, *LoadImageTask, *IssueCert, *BootstrapClient, *KubeConfig: // ignore + case *File: + if len(v.BeforeServices) > 0 { + for _, s := range v.BeforeServices { + if p.Name == s { + deps = append(deps, v) + } + } + } else { + deps = append(deps, v) + } default: klog.Warningf("Unhandled type %T in Service::GetDependencies: %v", v, v) deps = append(deps, v)