From 2cd8c51a07a3b9b6ffe697e2123abbb26117932f Mon Sep 17 00:00:00 2001
From: Calin Cristian Andrei <cristian.calin@outlook.com>
Date: Mon, 6 Jun 2022 22:25:57 +0300
Subject: [PATCH] [kubeadm] use v1beta3 configuration version
* extra admission controls now don't have a version in their file names
eventratelimit.v1beta2.yaml.j2 -> eventratelimit.yaml.j2
* cri_socket variable includes the unix:// prefix to be conformat with
upstream
---
roles/container-engine/crictl/templates/crictl.yaml.j2 | 4 ++--
roles/container-engine/nerdctl/templates/nerdctl.toml.j2 | 2 +-
roles/download/templates/kubeadm-images.yaml.j2 | 4 ++--
roles/kubernetes/control-plane/tasks/kubeadm-setup.yml | 8 ++++----
...ontrols.v1beta2.yaml.j2 => admission-controls.yaml.j2} | 0
...ntratelimit.v1beta2.yaml.j2 => eventratelimit.yaml.j2} | 0
...fig.v1beta2.yaml.j2 => kubeadm-config.v1beta3.yaml.j2} | 7 ++++---
...beta2.yaml.j2 => kubeadm-controlplane.v1beta3.yaml.j2} | 4 ++--
roles/kubernetes/kubeadm/tasks/main.yml | 2 +-
...ent.conf.v1beta2.j2 => kubeadm-client.conf.v1beta3.j2} | 2 +-
roles/kubernetes/node/templates/kubelet.env.v1beta1.j2 | 2 +-
roles/kubespray-defaults/defaults/main.yaml | 6 +++---
12 files changed, 21 insertions(+), 20 deletions(-)
rename roles/kubernetes/control-plane/templates/{admission-controls.v1beta2.yaml.j2 => admission-controls.yaml.j2} (100%)
rename roles/kubernetes/control-plane/templates/{eventratelimit.v1beta2.yaml.j2 => eventratelimit.yaml.j2} (100%)
rename roles/kubernetes/control-plane/templates/{kubeadm-config.v1beta2.yaml.j2 => kubeadm-config.v1beta3.yaml.j2} (99%)
rename roles/kubernetes/control-plane/templates/{kubeadm-controlplane.v1beta2.yaml.j2 => kubeadm-controlplane.v1beta3.yaml.j2} (95%)
rename roles/kubernetes/kubeadm/templates/{kubeadm-client.conf.v1beta2.j2 => kubeadm-client.conf.v1beta3.j2} (96%)
diff --git a/roles/container-engine/crictl/templates/crictl.yaml.j2 b/roles/container-engine/crictl/templates/crictl.yaml.j2
index fbf691f8a..b97dbefe6 100644
--- a/roles/container-engine/crictl/templates/crictl.yaml.j2
+++ b/roles/container-engine/crictl/templates/crictl.yaml.j2
@@ -1,4 +1,4 @@
-runtime-endpoint: unix://{{ cri_socket }}
-image-endpoint: unix://{{ cri_socket }}
+runtime-endpoint: {{ cri_socket }}
+image-endpoint: {{ cri_socket }}
timeout: 30
debug: false
diff --git a/roles/container-engine/nerdctl/templates/nerdctl.toml.j2 b/roles/container-engine/nerdctl/templates/nerdctl.toml.j2
index c12d6832e..cd1b5f9e2 100644
--- a/roles/container-engine/nerdctl/templates/nerdctl.toml.j2
+++ b/roles/container-engine/nerdctl/templates/nerdctl.toml.j2
@@ -1,6 +1,6 @@
debug = false
debug_full = false
-address = "unix://{{ cri_socket }}"
+address = "{{ cri_socket }}"
namespace = "k8s.io"
snapshotter = "native"
cni_path = "/opt/cni/bin"
diff --git a/roles/download/templates/kubeadm-images.yaml.j2 b/roles/download/templates/kubeadm-images.yaml.j2
index c2068d2fc..3a9121def 100644
--- a/roles/download/templates/kubeadm-images.yaml.j2
+++ b/roles/download/templates/kubeadm-images.yaml.j2
@@ -1,9 +1,9 @@
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta3
kind: InitConfiguration
nodeRegistration:
criSocket: {{ cri_socket }}
---
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
imageRepository: {{ kube_image_repo }}
kubernetesVersion: {{ kube_version }}
diff --git a/roles/kubernetes/control-plane/tasks/kubeadm-setup.yml b/roles/kubernetes/control-plane/tasks/kubeadm-setup.yml
index f339989c8..c960ad643 100644
--- a/roles/kubernetes/control-plane/tasks/kubeadm-setup.yml
+++ b/roles/kubernetes/control-plane/tasks/kubeadm-setup.yml
@@ -73,9 +73,9 @@
kubeadm_config_api_fqdn: "{{ apiserver_loadbalancer_domain_name|default('lb-apiserver.kubernetes.local') }}"
when: loadbalancer_apiserver is defined
-- name: Set kubeadm api version to v1beta2
+- name: Set kubeadm api version to v1beta3
set_fact:
- kubeadmConfig_api_version: v1beta2
+ kubeadmConfig_api_version: v1beta3
- name: kubeadm | Create kubeadm config
template:
@@ -92,14 +92,14 @@
- name: kubeadm | Push admission control config file
template:
- src: "admission-controls.{{ kubeadmConfig_api_version }}.yaml.j2"
+ src: "admission-controls.yaml.j2"
dest: "{{ kube_config_dir }}/admission-controls/admission-controls.yaml"
mode: 0640
when: kube_apiserver_admission_control_config_file
- name: kubeadm | Push admission control config files
template:
- src: "{{ item|lower }}.{{ kubeadmConfig_api_version }}.yaml.j2"
+ src: "{{ item|lower }}.yaml.j2"
dest: "{{ kube_config_dir }}/admission-controls/{{ item|lower }}.yaml"
mode: 0640
when:
diff --git a/roles/kubernetes/control-plane/templates/admission-controls.v1beta2.yaml.j2 b/roles/kubernetes/control-plane/templates/admission-controls.yaml.j2
similarity index 100%
rename from roles/kubernetes/control-plane/templates/admission-controls.v1beta2.yaml.j2
rename to roles/kubernetes/control-plane/templates/admission-controls.yaml.j2
diff --git a/roles/kubernetes/control-plane/templates/eventratelimit.v1beta2.yaml.j2 b/roles/kubernetes/control-plane/templates/eventratelimit.yaml.j2
similarity index 100%
rename from roles/kubernetes/control-plane/templates/eventratelimit.v1beta2.yaml.j2
rename to roles/kubernetes/control-plane/templates/eventratelimit.yaml.j2
diff --git a/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2 b/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta3.yaml.j2
similarity index 99%
rename from roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2
rename to roles/kubernetes/control-plane/templates/kubeadm-config.v1beta3.yaml.j2
index ba1c5be39..9415593d0 100644
--- a/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2
+++ b/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta3.yaml.j2
@@ -1,4 +1,4 @@
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta3
kind: InitConfiguration
{% if kubeadm_token is defined %}
bootstrapTokens:
@@ -29,7 +29,7 @@ nodeRegistration:
cloud-provider: external
{% endif %}
---
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
clusterName: {{ cluster_name }}
etcd:
@@ -86,7 +86,6 @@ etcd:
{% endfor %}
{% endif %}
dns:
- type: CoreDNS
imageRepository: {{ coredns_image_repo | regex_replace('/coredns(?!/coredns).*$','') }}
imageTag: {{ coredns_image_tag }}
networking:
@@ -125,7 +124,9 @@ apiServer:
{% if kube_apiserver_insecure_port|string != "0" %}
insecure-bind-address: {{ kube_apiserver_insecure_bind_address }}
{% endif %}
+{% if kube_version is version('v1.24.0','<') %}
insecure-port: "{{ kube_apiserver_insecure_port }}"
+{% endif %}
{% if kube_apiserver_enable_admission_plugins|length > 0 %}
enable-admission-plugins: {{ kube_apiserver_enable_admission_plugins | join(',') }}
{% endif %}
diff --git a/roles/kubernetes/control-plane/templates/kubeadm-controlplane.v1beta2.yaml.j2 b/roles/kubernetes/control-plane/templates/kubeadm-controlplane.v1beta3.yaml.j2
similarity index 95%
rename from roles/kubernetes/control-plane/templates/kubeadm-controlplane.v1beta2.yaml.j2
rename to roles/kubernetes/control-plane/templates/kubeadm-controlplane.v1beta3.yaml.j2
index f73a85fe9..7bf876c52 100644
--- a/roles/kubernetes/control-plane/templates/kubeadm-controlplane.v1beta2.yaml.j2
+++ b/roles/kubernetes/control-plane/templates/kubeadm-controlplane.v1beta3.yaml.j2
@@ -1,4 +1,4 @@
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta3
kind: JoinConfiguration
discovery:
bootstrapToken:
@@ -25,4 +25,4 @@ nodeRegistration:
key: node-role.kubernetes.io/master
{% else %}
taints: []
-{% endif %}
\ No newline at end of file
+{% endif %}
diff --git a/roles/kubernetes/kubeadm/tasks/main.yml b/roles/kubernetes/kubeadm/tasks/main.yml
index 15a20cbd7..13497ffbb 100644
--- a/roles/kubernetes/kubeadm/tasks/main.yml
+++ b/roles/kubernetes/kubeadm/tasks/main.yml
@@ -54,7 +54,7 @@
- name: Set kubeadm api version to v1beta2
set_fact:
- kubeadmConfig_api_version: v1beta2
+ kubeadmConfig_api_version: v1beta3
- name: Create kubeadm client config
template:
diff --git a/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta2.j2 b/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta3.j2
similarity index 96%
rename from roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta2.j2
rename to roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta3.j2
index 143a731ed..f9b31dc73 100644
--- a/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta2.j2
+++ b/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta3.j2
@@ -1,5 +1,5 @@
---
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta3
kind: JoinConfiguration
discovery:
bootstrapToken:
diff --git a/roles/kubernetes/node/templates/kubelet.env.v1beta1.j2 b/roles/kubernetes/node/templates/kubelet.env.v1beta1.j2
index 5c8c32df6..9397d7a2e 100644
--- a/roles/kubernetes/node/templates/kubelet.env.v1beta1.j2
+++ b/roles/kubernetes/node/templates/kubelet.env.v1beta1.j2
@@ -13,7 +13,7 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
--kubeconfig={{ kube_config_dir }}/kubelet.conf \
{# end kubeadm specific settings #}
--container-runtime=remote \
---container-runtime-endpoint=unix://{{ cri_socket }} \
+--container-runtime-endpoint={{ cri_socket }} \
--runtime-cgroups={{ kubelet_runtime_cgroups }} \
{% endset %}
diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml
index fa99b85bf..d2b6ad239 100644
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -289,11 +289,11 @@ container_manager_on_localhost: "{{ container_manager }}"
# CRI socket path
cri_socket: >-
{%- if container_manager == 'crio' -%}
- /var/run/crio/crio.sock
+ unix:///var/run/crio/crio.sock
{%- elif container_manager == 'containerd' -%}
- /var/run/containerd/containerd.sock
+ unix:////var/run/containerd/containerd.sock
{%- elif container_manager == 'docker' -%}
- /var/run/cri-dockerd.sock
+ unix:///var/run/cri-dockerd.sock
{%- endif -%}
## Uncomment this if you want to force overlay/overlay2 as docker storage driver
--
GitLab