Merge pull request #70 from pacoxu/dev-0.0.5

add kubelet-reloader support & support renew specified commands
pacoxu · Jun 14, 2022 · 52c0436 · 52c0436
2 parents 4357f8f + c1cbbc6
commit 52c0436
Show file tree

Hide file tree

Showing 9 changed files with 56 additions and 24 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -25,15 +25,7 @@ RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager
 # distroless cannot run `kubeadm upgrade apply` smoothly
 # FROM gcr.m.daocloud.io/distroless/static:nonroot
 FROM docker.m.daocloud.io/ubuntu
-RUN apt-get update -q -y && apt-get install -q -y curl systemd && apt clean all
-RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in ; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done);
-RUN rm -rf /lib/systemd/system/multi-user.target.wants/;
-RUN rm -rf /etc/systemd/system/.wants/;
-RUN rm -rf /lib/systemd/system/local-fs.target.wants/;
-RUN rm -rf /lib/systemd/system/sockets.target.wants/udev;
-RUN rm -rf /lib/systemd/system/sockets.target.wants/initctl;
-RUN rm -rf /lib/systemd/system/basic.target.wants/;
-RUN rm -rf /lib/systemd/system/anaconda.target.wants/*;
+RUN apt-get update -q -y && apt-get install -q -y curl && apt clean all
 
 WORKDIR /
 COPY --from=builder /workspace/manager .

diff --git a/api/v1alpha1/operation_descriptor_types.go b/api/v1alpha1/operation_descriptor_types.go
@@ -54,6 +54,10 @@ type UpgradeOperationSpec struct {
 
 // RenewCertificatesOperationSpec provide declarative support for the kubeadm upgrade workflow.
 type RenewCertificatesOperationSpec struct {
+	// +optional
+	// Commands is a list of commands to run: all, apiserver, apiserver-etcd-client, apiserver-kubelet-client,
+	// controller-manager.conf, etcd-healthcheck-client, etcd-peer, etcd-server, front-proxy-client, scheduler.conf
+	Commands []string `json:"commands"`
 
 	// INSERT ADDITIONAL SPEC FIELDS -
 	// Important: Run "make" to regenerate code after modifying this file

diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
diff --git a/commands/kubeadm_renew_certificate.go b/commands/kubeadm_renew_certificate.go
@@ -32,6 +32,8 @@ func runKubeadmRenewCertificates(spec *operatorv1.KubeadmRenewCertsCommandSpec,
 		spec.Commands = []string{"all"}
 	}
 
+	log.Info("Running kubeadm renew certificates command", "commands", spec.Commands)
+
 	for _, command := range spec.Commands {
 		cmd := newCmd("kubeadm", "certs", "renew", command)
 

diff --git a/config/crd/bases/operator.kubeadm.x-k8s.io_operations.yaml b/config/crd/bases/operator.kubeadm.x-k8s.io_operations.yaml
@@ -444,6 +444,15 @@ spec:
               renewCertificates:
                 description: RenewCertificates provide declarative support for the
                   kubeadm upgrade workflow.
+                properties:
+                  commands:
+                    description: 'Commands is a list of commands to run: all, apiserver,
+                      apiserver-etcd-client, apiserver-kubelet-client, controller-manager.conf,
+                      etcd-healthcheck-client, etcd-peer, etcd-server, front-proxy-client,
+                      scheduler.conf'
+                    items:
+                      type: string
+                    type: array
                 type: object
               upgrade:
                 description: Upgrade provide declarative support for the kubeadm upgrade

diff --git a/controllers/util.go b/controllers/util.go
@@ -166,10 +166,10 @@ func createDaemonSet(c client.Client, operation *operatorv1.Operation, namespace
 									Name:      "kubeadm-binary",
 									MountPath: "/usr/bin/kubeadm",
 								},
-								{
-									Name:      "kubelet-binary",
-									MountPath: "/usr/bin/kubelet",
-								},
+								// {
+								// 	Name:      "kubelet-binary",
+								// 	MountPath: "/usr/bin/kubelet",
+								// },
 								{
 									Name:      "kubelet-new-binary",
 									MountPath: "/usr/bin/kubelet-new",
@@ -228,15 +228,15 @@ func createDaemonSet(c client.Client, operation *operatorv1.Operation, namespace
 								},
 							},
 						},
-						{
-							Name: "kubelet-binary",
-							VolumeSource: corev1.VolumeSource{
-								HostPath: &corev1.HostPathVolumeSource{
-									Path: "/usr/bin/kubelet",
-									Type: hostPathTypePtr(corev1.HostPathFile),
-								},
-							},
-						},
+						// {
+						// 	Name: "kubelet-binary",
+						// 	VolumeSource: corev1.VolumeSource{
+						// 		HostPath: &corev1.HostPathVolumeSource{
+						// 			Path: "/usr/bin/kubelet",
+						// 			Type: hostPathTypePtr(corev1.HostPathFile),
+						// 		},
+						// 	},
+						// },
 						{
 							Name: "kubelet-new-binary",
 							VolumeSource: corev1.VolumeSource{

diff --git a/operations/renewcertificates.go b/operations/renewcertificates.go
@@ -33,7 +33,9 @@ func planRenewCertificates(operation *operatorv1.Operation, spec *operatorv1.Ren
 	setCPSelector(&t1)
 	t1.Spec.Template.Spec.Commands = append(t1.Spec.Template.Spec.Commands,
 		operatorv1.CommandDescriptor{
-			KubeadmRenewCertificates: &operatorv1.KubeadmRenewCertsCommandSpec{},
+			KubeadmRenewCertificates: &operatorv1.KubeadmRenewCertsCommandSpec{
+				Commands: operation.Spec.RenewCertificates.Commands,
+			},
 		},
 	)
 	items = append(items, t1)

diff --git a/samples/renew-apiserver.yaml b/samples/renew-apiserver.yaml
@@ -0,0 +1,9 @@
+apiVersion: operator.kubeadm.x-k8s.io/v1alpha1
+kind: Operation
+metadata:
+  name: renew
+spec:
+  executionMode: Auto
+  renewCertificates:
+    commands:
+    - apiserver
diff --git a/samples/upgrade-v1.24.1-auto.yaml b/samples/upgrade-v1.24.1-auto.yaml
@@ -0,0 +1,9 @@
+apiVersion: operator.kubeadm.x-k8s.io/v1alpha1
+kind: Operation
+metadata:
+  name: upgrade-v1.24.1
+spec:
+  executionMode: Auto
+  upgrade:
+    kubernetesVersion: v1.24.1
+    local: false