From 11bebf0b4bbbc6a2272b55cb9c38cf4ce9938549 Mon Sep 17 00:00:00 2001 From: John Gardiner Myers Date: Sun, 27 Sep 2020 21:44:50 -0700 Subject: [PATCH] Add label to prevent kops-controller from running on old nodes --- protokube/pkg/protokube/labeler.go | 3 ++- upup/models/bindata.go | 1 + .../kops-controller.addons.k8s.io/k8s-1.16.yaml.template | 1 + .../tests/bootstrapchannelbuilder/amazonvpc/manifest.yaml | 2 +- .../bootstrapchannelbuilder/awsiamauthenticator/manifest.yaml | 2 +- .../cilium/kops-controller.addons.k8s.io-k8s-1.16.yaml | 1 + .../cloudup/tests/bootstrapchannelbuilder/cilium/manifest.yaml | 2 +- .../public-jwks/kops-controller.addons.k8s.io-k8s-1.16.yaml | 1 + .../tests/bootstrapchannelbuilder/public-jwks/manifest.yaml | 2 +- .../simple/kops-controller.addons.k8s.io-k8s-1.16.yaml | 1 + .../cloudup/tests/bootstrapchannelbuilder/simple/manifest.yaml | 2 +- .../cloudup/tests/bootstrapchannelbuilder/weave/manifest.yaml | 2 +- 12 files changed, 13 insertions(+), 7 deletions(-) diff --git a/protokube/pkg/protokube/labeler.go b/protokube/pkg/protokube/labeler.go index e2d4a9c7e2..89a35eb863 100644 --- a/protokube/pkg/protokube/labeler.go +++ b/protokube/pkg/protokube/labeler.go @@ -40,7 +40,8 @@ func bootstrapMasterNodeLabels(ctx context.Context, kubeContext *KubernetesConte } labels := map[string]string{ - "node-role.kubernetes.io/master": "", + "node-role.kubernetes.io/master": "", + "kops.k8s.io/kops-controller-pki": "", } shouldPatch := false diff --git a/upup/models/bindata.go b/upup/models/bindata.go index 0ef4bb23f7..157e830089 100644 --- a/upup/models/bindata.go +++ b/upup/models/bindata.go @@ -2751,6 +2751,7 @@ spec: operator: Exists nodeSelector: node-role.kubernetes.io/master: "" + kops.k8s.io/kops-controller-pki: "" dnsPolicy: Default # Don't use cluster DNS (we are likely running before kube-dns) hostNetwork: true serviceAccount: kops-controller diff --git a/upup/models/cloudup/resources/addons/kops-controller.addons.k8s.io/k8s-1.16.yaml.template b/upup/models/cloudup/resources/addons/kops-controller.addons.k8s.io/k8s-1.16.yaml.template index 382bcca253..ae7b8bb4e0 100644 --- a/upup/models/cloudup/resources/addons/kops-controller.addons.k8s.io/k8s-1.16.yaml.template +++ b/upup/models/cloudup/resources/addons/kops-controller.addons.k8s.io/k8s-1.16.yaml.template @@ -41,6 +41,7 @@ spec: operator: Exists nodeSelector: node-role.kubernetes.io/master: "" + kops.k8s.io/kops-controller-pki: "" dnsPolicy: Default # Don't use cluster DNS (we are likely running before kube-dns) hostNetwork: true serviceAccount: kops-controller diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc/manifest.yaml index f81c1c6bcd..46d0f0b5f4 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc/manifest.yaml @@ -7,7 +7,7 @@ spec: - id: k8s-1.16 kubernetesVersion: '>=1.16.0-alpha.0' manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml - manifestHash: b047de23df3b0caff3784aaa89ae0c967e866c95 + manifestHash: 00457a1b369f839820f5fc094c5610e2065da388 name: kops-controller.addons.k8s.io selector: k8s-addon: kops-controller.addons.k8s.io diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/awsiamauthenticator/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/awsiamauthenticator/manifest.yaml index 3b4ec1fa88..15d60137cf 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/awsiamauthenticator/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/awsiamauthenticator/manifest.yaml @@ -7,7 +7,7 @@ spec: - id: k8s-1.16 kubernetesVersion: '>=1.16.0-alpha.0' manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml - manifestHash: 3c73d81e8c87bf4f409323ca904d22ee9c375284 + manifestHash: db684c93db61d505f87af71577409945bc290fc1 name: kops-controller.addons.k8s.io selector: k8s-addon: kops-controller.addons.k8s.io diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/cilium/kops-controller.addons.k8s.io-k8s-1.16.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/cilium/kops-controller.addons.k8s.io-k8s-1.16.yaml index 146da3823d..afcf5c93d0 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/cilium/kops-controller.addons.k8s.io-k8s-1.16.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/cilium/kops-controller.addons.k8s.io-k8s-1.16.yaml @@ -52,6 +52,7 @@ spec: dnsPolicy: Default hostNetwork: true nodeSelector: + kops.k8s.io/kops-controller-pki: "" node-role.kubernetes.io/master: "" priorityClassName: system-node-critical serviceAccount: kops-controller diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/cilium/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/cilium/manifest.yaml index 174e8126b7..56febff913 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/cilium/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/cilium/manifest.yaml @@ -7,7 +7,7 @@ spec: - id: k8s-1.16 kubernetesVersion: '>=1.16.0-alpha.0' manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml - manifestHash: b047de23df3b0caff3784aaa89ae0c967e866c95 + manifestHash: 00457a1b369f839820f5fc094c5610e2065da388 name: kops-controller.addons.k8s.io selector: k8s-addon: kops-controller.addons.k8s.io diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/public-jwks/kops-controller.addons.k8s.io-k8s-1.16.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/public-jwks/kops-controller.addons.k8s.io-k8s-1.16.yaml index 146da3823d..afcf5c93d0 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/public-jwks/kops-controller.addons.k8s.io-k8s-1.16.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/public-jwks/kops-controller.addons.k8s.io-k8s-1.16.yaml @@ -52,6 +52,7 @@ spec: dnsPolicy: Default hostNetwork: true nodeSelector: + kops.k8s.io/kops-controller-pki: "" node-role.kubernetes.io/master: "" priorityClassName: system-node-critical serviceAccount: kops-controller diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/public-jwks/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/public-jwks/manifest.yaml index 4cf22d55ee..062b7fb806 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/public-jwks/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/public-jwks/manifest.yaml @@ -7,7 +7,7 @@ spec: - id: k8s-1.16 kubernetesVersion: '>=1.16.0-alpha.0' manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml - manifestHash: b047de23df3b0caff3784aaa89ae0c967e866c95 + manifestHash: 00457a1b369f839820f5fc094c5610e2065da388 name: kops-controller.addons.k8s.io selector: k8s-addon: kops-controller.addons.k8s.io diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/kops-controller.addons.k8s.io-k8s-1.16.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/kops-controller.addons.k8s.io-k8s-1.16.yaml index dfa28e93b0..5d3bc662a9 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/kops-controller.addons.k8s.io-k8s-1.16.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/kops-controller.addons.k8s.io-k8s-1.16.yaml @@ -52,6 +52,7 @@ spec: dnsPolicy: Default hostNetwork: true nodeSelector: + kops.k8s.io/kops-controller-pki: "" node-role.kubernetes.io/master: "" priorityClassName: system-node-critical serviceAccount: kops-controller diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/manifest.yaml index 719dd81a07..8de8dbe589 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/manifest.yaml @@ -7,7 +7,7 @@ spec: - id: k8s-1.16 kubernetesVersion: '>=1.16.0-alpha.0' manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml - manifestHash: 3c73d81e8c87bf4f409323ca904d22ee9c375284 + manifestHash: db684c93db61d505f87af71577409945bc290fc1 name: kops-controller.addons.k8s.io selector: k8s-addon: kops-controller.addons.k8s.io diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/weave/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/weave/manifest.yaml index 13f4219699..a01cbba5a2 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/weave/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/weave/manifest.yaml @@ -7,7 +7,7 @@ spec: - id: k8s-1.16 kubernetesVersion: '>=1.16.0-alpha.0' manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml - manifestHash: b047de23df3b0caff3784aaa89ae0c967e866c95 + manifestHash: 00457a1b369f839820f5fc094c5610e2065da388 name: kops-controller.addons.k8s.io selector: k8s-addon: kops-controller.addons.k8s.io