We add the hosts plugin to CoreDNS, and we populate a ConfigMap from
kops-controller (when in gossip mode).
This enables resolution of the internal apiserver DNS name from Pods,
even when gossip mode (k8s.local) is in use. This should fix the
failing e2e tests which are assuming that the name in the JWT token is
resolvable from inside the cluster.
This is also a possible step towards a simpler gossip mode, now that
we have a central controller.
I missed these in the previous PR. This removes the direct dependency on v1 entirely.
The kubernetes 1.19 upgrade will remove the indirect reference on v1.
Currently the images have a timestamp of epoch 0:
```
$ docker inspect kope/kops-controller:1.18.0-alpha.2 -f '{{ .Created }}'
1970-01-01T00:00:00Z
```
The `container_image` bazel rule [0] mentions that `creation_time` has a default value of 0 unless `stamp = True`, so this should be enabled on all container_image rules that are pushed to a docker registry.
[0] https://github.com/bazelbuild/rules_docker#container_image-1
Writing to a hostPath from a non-root container requires file
ownership changes, which is difficult to roll out today. See
discussion in #8454
We were primarily using the logfile for e2e diagnostics, so we're
going to look into collecting the information via other means instead.
We also haven't yet shipped this logfile in a released version (though
we have shipped it in beta releases)
We then `docker load` it when using a KOPS_BASE_URL.
This should simplify the development process (particularly once we
also do this for dns-controller; at that point we won't need a
registry at all).
This should also fix the problems in CI, where the kops-controller
image isn't available. We've been getting away with testing with the
previous version for dns-controller, which changes pretty slowly. But
that's not a good idea for kops-controller, which is likely to be more
critical and evolve more rapidly.
Ole Markus With