From 9c057c3f537530c8c22b75f4202a4c6d581c0e50 Mon Sep 17 00:00:00 2001
From: Ciprian Hacman
Date: Thu, 10 Jul 2025 10:03:03 +0300
Subject: [PATCH] azure: Deploy cloud-node-manager for K8s 1.31+
---
 .../k8s-1.31.yaml.template | 95 +++++++++++++++++++
 .../bootstrapchannelbuilder.go | 15 +++
 2 files changed, 110 insertions(+)
 create mode 100644 upup/models/cloudup/resources/addons/azure-cloud-node.addons.k8s.io/k8s-1.31.yaml.template
diff --git a/upup/models/cloudup/resources/addons/azure-cloud-node.addons.k8s.io/k8s-1.31.yaml.template b/upup/models/cloudup/resources/addons/azure-cloud-node.addons.k8s.io/k8s-1.31.yaml.template
new file mode 100644
index 0000000000..93e472b18d
--- /dev/null
+++ b/upup/models/cloudup/resources/addons/azure-cloud-node.addons.k8s.io/k8s-1.31.yaml.template
@@ -0,0 +1,95 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ k8s-app: cloud-node-manager
+ kubernetes.io/cluster-service: "true"
+ name: cloud-node-manager
+ namespace: kube-system
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: cloud-node-manager
+ labels:
+ k8s-app: cloud-node-manager
+ kubernetes.io/cluster-service: "true"
+rules:
+- apiGroups: [""]
+ resources: ["nodes"]
+ verbs: ["watch","list","get","update", "patch"]
+- apiGroups: [""]
+ resources: ["nodes/status"]
+ verbs: ["patch"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: cloud-node-manager
+ labels:
+ k8s-app: cloud-node-manager
+ kubernetes.io/cluster-service: "true"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cloud-node-manager
+subjects:
+- kind: ServiceAccount
+ name: cloud-node-manager
+ namespace: kube-system
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: cloud-node-manager
+ namespace: kube-system
+ labels:
+ component: cloud-node-manager
+ kubernetes.io/cluster-service: "true"
+spec:
+ selector:
+ matchLabels:
+ k8s-app: cloud-node-manager
+ template:
+ metadata:
+ labels:
+ k8s-app: cloud-node-manager
+ annotations:
+ cluster-autoscaler.kubernetes.io/daemonset-pod: "true"
+ spec:
+ priorityClassName: system-node-critical
+ serviceAccountName: cloud-node-manager
+ hostNetwork: true # required to fetch correct hostname
+ nodeSelector:
+ kubernetes.io/os: linux
+ tolerations:
+ - key: CriticalAddonsOnly
+ operator: Exists
+ - key: node-role.kubernetes.io/master
+ operator: Equal
+ value: "true"
+ effect: NoSchedule
+ - operator: "Exists"
+ effect: NoExecute
+ - operator: "Exists"
+ effect: NoSchedule
+ containers:
+ - name: cloud-node-manager
+ image: mcr.microsoft.com/oss/kubernetes/azure-cloud-node-manager:v1.33.1
+ imagePullPolicy: IfNotPresent
+ command:
+ - cloud-node-manager
+ - --node-name=$(NODE_NAME)
+ - --v=4
+ env:
+ - name: NODE_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ resources:
+ requests:
+ cpu: 50m
+ memory: 50Mi
+ limits:
+ cpu: 2000m
+ memory: 512Mi
diff --git a/upup/pkg/fi/cloudup/bootstrapchannelbuilder/bootstrapchannelbuilder.go b/upup/pkg/fi/cloudup/bootstrapchannelbuilder/bootstrapchannelbuilder.go
index 00b38ec884..47e7e0f45e 100644
--- a/upup/pkg/fi/cloudup/bootstrapchannelbuilder/bootstrapchannelbuilder.go
+++ b/upup/pkg/fi/cloudup/bootstrapchannelbuilder/bootstrapchannelbuilder.go
@@ -756,6 +756,21 @@ func (b *BootstrapChannelBuilder) buildAddons(c *fi.CloudupModelBuilderContext)
 }
 }
+ if b.Cluster.IsKubernetesGTE("1.31") && b.Cluster.GetCloudProvider() == kops.CloudProviderAzure {
+ {
+ key := "azure-cloud-node.addons.k8s.io"
+ id := "k8s-1.31"
+ location := key + "/" + id + ".yaml"
+
+ addons.Add(&channelsapi.AddonSpec{
+ Name: fi.PtrTo(key),
+ Selector: map[string]string{"k8s-addon": key},
+ Manifest: fi.PtrTo(location),
+ Id: id,
+ })
+ }
+ }
+
+ if b.Cluster.GetCloudProvider() == kops.CloudProviderGCE {
 if fi.ValueOf(b.Cluster.Spec.CloudConfig.ManageStorageClasses) {
 key := "storage-gce.addons.k8s.io"
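Review bot: The `cloud-node-manager` container at the end of the DaemonSet sets no `securityContext`, while the pod runs with `hostNetwork: true` on every Linux node and carries a service-account token whose ClusterRole allows `update` and `patch` on all Node objects. Because that one token is present on every node, the container should be constrained as far as the binary tolerates, for example `securityContext: {allowPrivilegeEscalation: false, readOnlyRootFilesystem: true, capabilities: {drop: ["ALL"]}}`; whether cloud-node-manager runs cleanly under these settings needs confirming. The `nodes` rule would also benefit from a comment stating why both `update` and `patch` are required, or from dropping `update` if the manager only patches. The image is referenced by tag (`v1.33.1`) with `imagePullPolicy: IfNotPresent`; pinning it by digest would make the deployed binary identical across nodes.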
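Review bot: The new Azure block in `buildAddons` gates on `IsKubernetesGTE("1.31")` but registers a single manifest id, `k8s-1.31`, and that manifest hard-codes the `azure-cloud-node-manager:v1.33.1` image, so 1.31 and 1.32 clusters receive a node manager from a newer release line than the cluster itself. If cloud-provider-azure expects the node manager's minor version to follow the cluster's, the image tag should be chosen per Kubernetes version in the template; otherwise a comment above the `if` should record that the skew is intended, e.g. `// cloud-node-manager is deployed for every Azure cluster on Kubernetes 1.31+; the manifest pins one image tag for all of them.` The diffstat lists only the template and this file, so no test or golden output covering an Azure cluster on 1.31+ appears to be part of the change. `buildAddons` starts and ends outside this hunk, so how the rest of the Azure cloud-provider wiring interacts with this addon cannot be checked from here.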