From 9a3d7cee474856bc812587179175eec69a72ca3b Mon Sep 17 00:00:00 2001 From: Christian Schlotter Date: Thu, 27 Jun 2024 09:25:21 +0200 Subject: [PATCH 1/3] kinder: add test workflow for testing ControlPlaneKubeletLocalMode feature gate --- kinder/ci/tools/update-workflows/config.yaml | 12 ++ ...nder-control-plane-local-kubelet-mode.yaml | 42 +++++ ...ontrol-plane-local-kubelet-mode-tasks.yaml | 157 +++++++++++++++++ .../control-plane-local-kubelet-mode.yaml | 11 ++ ...ntrol-plane-local-kubelet-mode-latest.yaml | 12 ++ ...ontrol-plane-local-kubelet-mode-tasks.yaml | 158 ++++++++++++++++++ 6 files changed, 392 insertions(+) create mode 100644 kinder/ci/tools/update-workflows/templates/testinfra/kubeadm-kinder-control-plane-local-kubelet-mode.yaml create mode 100644 kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode-tasks.yaml create mode 100644 kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode.yaml create mode 100644 kinder/ci/workflows/control-plane-local-kubelet-mode-latest.yaml create mode 100644 kinder/ci/workflows/control-plane-local-kubelet-mode-tasks.yaml diff --git a/kinder/ci/tools/update-workflows/config.yaml b/kinder/ci/tools/update-workflows/config.yaml index 07b3d21e..fb516be4 100644 --- a/kinder/ci/tools/update-workflows/config.yaml +++ b/kinder/ci/tools/update-workflows/config.yaml @@ -248,3 +248,15 @@ jobGroups: - ./templates/workflows/encryption-algorithm-tasks.yaml jobs: - kubernetesVersion: latest + +- name: control-plane-local-kubelet-mode + testInfraJobSpec: + targetFile: kubeadm-kinder-control-plane-local-kubelet-mode.yaml + template: ./templates/testinfra/kubeadm-kinder-control-plane-local-kubelet-mode.yaml + kinderWorkflowSpec: + targetFile: control-plane-local-kubelet-mode-{{ .KubernetesVersion }}.yaml + template: ./templates/workflows/control-plane-local-kubelet-mode.yaml + additionalFiles: + - ./templates/workflows/control-plane-local-kubelet-mode-tasks.yaml + jobs: + - kubernetesVersion: latest diff --git a/kinder/ci/tools/update-workflows/templates/testinfra/kubeadm-kinder-control-plane-local-kubelet-mode.yaml b/kinder/ci/tools/update-workflows/templates/testinfra/kubeadm-kinder-control-plane-local-kubelet-mode.yaml new file mode 100644 index 00000000..61361295 --- /dev/null +++ b/kinder/ci/tools/update-workflows/templates/testinfra/kubeadm-kinder-control-plane-local-kubelet-mode.yaml @@ -0,0 +1,42 @@ +- name: ci-kubernetes-e2e-kubeadm-kinder-cp-kubelet-local-{{ dashVer .KubernetesVersion }} + cluster: eks-prow-build-cluster + interval: {{ .JobInterval }} + decorate: true + labels: + preset-dind-enabled: "true" + preset-kind-volume-mounts: "true" + annotations: + testgrid-dashboards: sig-cluster-lifecycle-kubeadm + testgrid-tab-name: kubeadm-kinder-cp-kubelet-local-{{ dashVer .KubernetesVersion }} + testgrid-alert-email: sig-cluster-lifecycle-kubeadm-alerts@kubernetes.io + description: "OWNER: sig-cluster-lifecycle (kinder); Uses kubeadm/kinder to create a cluster using ControlPlaneKubeletLocalMode to join control-plane and run kubeadm-e2e and the conformance suite" + testgrid-num-columns-recent: "20" +{{ .AlertAnnotations }} + decoration_config: + timeout: 60m + extra_refs: + - org: kubernetes + repo: kubernetes + base_ref: {{ branchFor .KubernetesVersion }} + path_alias: k8s.io/kubernetes + - org: kubernetes + repo: kubeadm + base_ref: main + path_alias: k8s.io/kubeadm + spec: + containers: + - image: gcr.io/k8s-staging-test-infra/kubekins-e2e:{{ .TestInfraImage }}-{{ imageVer .KubernetesVersion }} + command: + - runner.sh + - "../kubeadm/kinder/ci/kinder-run.sh" + args: + - {{ .WorkflowFile }} + securityContext: + privileged: true + resources: + limits: + memory: "9000Mi" + cpu: 2000m + requests: + memory: "9000Mi" + cpu: 2000m diff --git a/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode-tasks.yaml b/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode-tasks.yaml new file mode 100644 index 00000000..917b17ec --- /dev/null +++ b/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode-tasks.yaml @@ -0,0 +1,157 @@ +# IMPORTANT! this workflow is imported by control-plane-local-kubelet-mode-* workflows. +version: 1 +summary: | + This workflow implements a sequence of tasks used test the proper functioning + of kubeadm not in control plane local kubelet mode during joining control plane. +vars: + # vars defines default values for variable used by tasks in this workflow; + # those values might be overridden when importing this files. + kubernetesVersion: v1.31.0 + upgradeVersion: v1.31.0 + controlPlaneNodes: 3 + workerNodes: 2 + baseImage: kindest/base:v20221102-76f15095 # has containerd + image: kindest/node:test + clusterName: kinder-control-plane-local-kubelet-mode + kubeadmVerbosity: 6 +tasks: +- name: pull-base-image + description: | + pulls kindest/base image with docker in docker and all the prerequisites necessary for running kind(er) + cmd: docker + args: + - pull + - "{{ .vars.baseImage }}" +- name: add-kubernetes-versions + description: | + creates a node-image-variant by adding a Kubernetes version + cmd: kinder + args: + - build + - node-image-variant + - --base-image={{ .vars.baseImage }} + - --image={{ .vars.image }} + - --with-init-artifacts={{ .vars.kubernetesVersion }} + - --with-upgrade-artifacts={{ .vars.upgradeVersion }} + - --loglevel=debug + timeout: 15m +- name: create-cluster + description: | + create a set of nodes ready for hosting the Kubernetes cluster + cmd: kinder + args: + - create + - cluster + - --name={{ .vars.clusterName }} + - --image={{ .vars.image }} + - --control-plane-nodes={{ .vars.controlPlaneNodes }} + - --worker-nodes={{ .vars.workerNodes }} + - --loglevel=debug + timeout: 5m +- name: init + description: | + Initializes the Kubernetes cluster with version "initVersion" + by starting the boostrap control-plane nodes + cmd: kinder + args: + - do + - kubeadm-init + - --name={{ .vars.clusterName }} + - --loglevel=debug + - --kubeadm-verbosity={{ .vars.kubeadmVerbosity }} + - --kubeadm-feature-gate="ControlPlaneKubeletLocalMode=true" + - --copy-certs=auto + timeout: 5m +- name: join + description: | + Join the other nodes to the Kubernetes cluster + cmd: kinder + args: + - do + - kubeadm-join + - --name={{ .vars.clusterName }} + - --loglevel=debug + - --kubeadm-verbosity={{ .vars.kubeadmVerbosity }} + - --copy-certs=auto + timeout: 10m +- name: upgrade + description: | + upgrades the cluster to Kubernetes "upgradeVersion" + cmd: kinder + args: + - do + - kubeadm-upgrade + - --upgrade-version={{ .vars.upgradeVersion }} + - --name={{ .vars.clusterName }} + - --loglevel=debug + - --kubeadm-verbosity={{ .vars.kubeadmVerbosity }} + timeout: 15m +- name: cluster-info + description: | + Runs cluster-info + cmd: kinder + args: + - do + - cluster-info + - --name={{ .vars.clusterName }} + - --loglevel=debug +- name: e2e-kubeadm + description: | + Runs kubeadm e2e tests + cmd: kinder + args: + - test + - e2e-kubeadm + - --test-flags=--report-dir={{ .env.ARTIFACTS }} --report-prefix=e2e-kubeadm + - --name={{ .vars.clusterName }} + - --loglevel=debug + timeout: 10m +- name: e2e + description: | + Runs Kubernetes e2e test (conformance) + cmd: kinder + args: + - test + - e2e + - --test-flags=--report-dir={{ .env.ARTIFACTS }} --report-prefix=e2e + - --parallel + - --name={{ .vars.clusterName }} + - --loglevel=debug + timeout: 35m +- name: get-logs + description: | + Collects all the test logs + cmd: kinder + args: + - export + - logs + - --loglevel=debug + - --name={{ .vars.clusterName }} + - "{{ .env.ARTIFACTS }}" + force: true + timeout: 5m + # kind export log is know to be flaky, so we are temporary ignoring errors in order + # to make the test pass in case everything else passed + # see https://github.com/kubernetes-sigs/kind/issues/456 + ignoreError: true +- name: reset + description: | + Exec kubeadm reset + cmd: kinder + args: + - do + - kubeadm-reset + - --name={{ .vars.clusterName }} + - --loglevel=debug + - --kubeadm-verbosity={{ .vars.kubeadmVerbosity }} + force: true +- name: delete + description: | + Deletes the cluster + cmd: kinder + args: + - delete + - cluster + - --name={{ .vars.clusterName }} + - --loglevel=debug + force: true diff --git a/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode.yaml b/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode.yaml new file mode 100644 index 00000000..dbfec517 --- /dev/null +++ b/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode.yaml @@ -0,0 +1,11 @@ +version: 1 +summary: | + This workflow tests the proper functioning of the {{ .KubernetesVersion }} version of both kubeadm and Kubernetes using + control plane local kubelet mode to join control plane. + test grid > https://testgrid.k8s.io/sig-cluster-lifecycle-kubeadm#kubeadm-kinder-control-plane-local-kubelet-mode{{ dashVer .KubernetesVersion }} + config > https://git.k8s.io/test-infra/config/jobs/kubernetes/sig-cluster-lifecycle/{{ .TargetFile }} +vars: + kubernetesVersion: "\{\{ resolve `ci/{{ ciLabelFor .KubernetesVersion }}` \}\}" + upgradeVersion: "\{\{ resolve `ci/{{ ciLabelFor .KubernetesVersion }}` \}\}" +tasks: +- import: control-plane-local-kubelet-mode-tasks.yaml diff --git a/kinder/ci/workflows/control-plane-local-kubelet-mode-latest.yaml b/kinder/ci/workflows/control-plane-local-kubelet-mode-latest.yaml new file mode 100644 index 00000000..7367b915 --- /dev/null +++ b/kinder/ci/workflows/control-plane-local-kubelet-mode-latest.yaml @@ -0,0 +1,12 @@ +# AUTOGENERATED by https://git.k8s.io/kubeadm/kinder/ci/tools/update-workflows +version: 1 +summary: | + This workflow tests the proper functioning of the latest version of both kubeadm and Kubernetes using + control plane local kubelet mode to join control plane. + test grid > https://testgrid.k8s.io/sig-cluster-lifecycle-kubeadm#kubeadm-kinder-control-plane-local-kubelet-modelatest + config > https://git.k8s.io/test-infra/config/jobs/kubernetes/sig-cluster-lifecycle/kubeadm-kinder-control-plane-local-kubelet-mode.yaml +vars: + kubernetesVersion: "{{ resolve `ci/latest` }}" + upgradeVersion: "{{ resolve `ci/latest` }}" +tasks: +- import: control-plane-local-kubelet-mode-tasks.yaml diff --git a/kinder/ci/workflows/control-plane-local-kubelet-mode-tasks.yaml b/kinder/ci/workflows/control-plane-local-kubelet-mode-tasks.yaml new file mode 100644 index 00000000..03068913 --- /dev/null +++ b/kinder/ci/workflows/control-plane-local-kubelet-mode-tasks.yaml @@ -0,0 +1,158 @@ +# AUTOGENERATED by https://git.k8s.io/kubeadm/kinder/ci/tools/update-workflows +# IMPORTANT! this workflow is imported by control-plane-local-kubelet-mode-* workflows. +version: 1 +summary: | + This workflow implements a sequence of tasks used test the proper functioning + of kubeadm not in control plane local kubelet mode during joining control plane. +vars: + # vars defines default values for variable used by tasks in this workflow; + # those values might be overridden when importing this files. + kubernetesVersion: v1.31.0 + upgradeVersion: v1.31.0 + controlPlaneNodes: 3 + workerNodes: 2 + baseImage: kindest/base:v20221102-76f15095 # has containerd + image: kindest/node:test + clusterName: kinder-control-plane-local-kubelet-mode + kubeadmVerbosity: 6 +tasks: +- name: pull-base-image + description: | + pulls kindest/base image with docker in docker and all the prerequisites necessary for running kind(er) + cmd: docker + args: + - pull + - "{{ .vars.baseImage }}" +- name: add-kubernetes-versions + description: | + creates a node-image-variant by adding a Kubernetes version + cmd: kinder + args: + - build + - node-image-variant + - --base-image={{ .vars.baseImage }} + - --image={{ .vars.image }} + - --with-init-artifacts={{ .vars.kubernetesVersion }} + - --with-upgrade-artifacts={{ .vars.upgradeVersion }} + - --loglevel=debug + timeout: 15m +- name: create-cluster + description: | + create a set of nodes ready for hosting the Kubernetes cluster + cmd: kinder + args: + - create + - cluster + - --name={{ .vars.clusterName }} + - --image={{ .vars.image }} + - --control-plane-nodes={{ .vars.controlPlaneNodes }} + - --worker-nodes={{ .vars.workerNodes }} + - --loglevel=debug + timeout: 5m +- name: init + description: | + Initializes the Kubernetes cluster with version "initVersion" + by starting the boostrap control-plane nodes + cmd: kinder + args: + - do + - kubeadm-init + - --name={{ .vars.clusterName }} + - --loglevel=debug + - --kubeadm-verbosity={{ .vars.kubeadmVerbosity }} + - --kubeadm-feature-gate="ControlPlaneKubeletLocalMode=true" + - --copy-certs=auto + timeout: 5m +- name: join + description: | + Join the other nodes to the Kubernetes cluster + cmd: kinder + args: + - do + - kubeadm-join + - --name={{ .vars.clusterName }} + - --loglevel=debug + - --kubeadm-verbosity={{ .vars.kubeadmVerbosity }} + - --copy-certs=auto + timeout: 10m +- name: upgrade + description: | + upgrades the cluster to Kubernetes "upgradeVersion" + cmd: kinder + args: + - do + - kubeadm-upgrade + - --upgrade-version={{ .vars.upgradeVersion }} + - --name={{ .vars.clusterName }} + - --loglevel=debug + - --kubeadm-verbosity={{ .vars.kubeadmVerbosity }} + timeout: 15m +- name: cluster-info + description: | + Runs cluster-info + cmd: kinder + args: + - do + - cluster-info + - --name={{ .vars.clusterName }} + - --loglevel=debug +- name: e2e-kubeadm + description: | + Runs kubeadm e2e tests + cmd: kinder + args: + - test + - e2e-kubeadm + - --test-flags=--report-dir={{ .env.ARTIFACTS }} --report-prefix=e2e-kubeadm + - --name={{ .vars.clusterName }} + - --loglevel=debug + timeout: 10m +- name: e2e + description: | + Runs Kubernetes e2e test (conformance) + cmd: kinder + args: + - test + - e2e + - --test-flags=--report-dir={{ .env.ARTIFACTS }} --report-prefix=e2e + - --parallel + - --name={{ .vars.clusterName }} + - --loglevel=debug + timeout: 35m +- name: get-logs + description: | + Collects all the test logs + cmd: kinder + args: + - export + - logs + - --loglevel=debug + - --name={{ .vars.clusterName }} + - "{{ .env.ARTIFACTS }}" + force: true + timeout: 5m + # kind export log is know to be flaky, so we are temporary ignoring errors in order + # to make the test pass in case everything else passed + # see https://github.com/kubernetes-sigs/kind/issues/456 + ignoreError: true +- name: reset + description: | + Exec kubeadm reset + cmd: kinder + args: + - do + - kubeadm-reset + - --name={{ .vars.clusterName }} + - --loglevel=debug + - --kubeadm-verbosity={{ .vars.kubeadmVerbosity }} + force: true +- name: delete + description: | + Deletes the cluster + cmd: kinder + args: + - delete + - cluster + - --name={{ .vars.clusterName }} + - --loglevel=debug + force: true From 34029a8001f08dbcf19883dfb2354d908e9a41ec Mon Sep 17 00:00:00 2001 From: Christian Schlotter Date: Fri, 28 Jun 2024 08:43:18 +0200 Subject: [PATCH 2/3] review fixes --- ...nder-control-plane-local-kubelet-mode.yaml | 6 +- ...ontrol-plane-local-kubelet-mode-tasks.yaml | 91 ++++++++++++++++++- .../control-plane-local-kubelet-mode.yaml | 2 +- ...ntrol-plane-local-kubelet-mode-latest.yaml | 2 +- ...ontrol-plane-local-kubelet-mode-tasks.yaml | 91 ++++++++++++++++++- 5 files changed, 185 insertions(+), 7 deletions(-) diff --git a/kinder/ci/tools/update-workflows/templates/testinfra/kubeadm-kinder-control-plane-local-kubelet-mode.yaml b/kinder/ci/tools/update-workflows/templates/testinfra/kubeadm-kinder-control-plane-local-kubelet-mode.yaml index 61361295..13e2e09e 100644 --- a/kinder/ci/tools/update-workflows/templates/testinfra/kubeadm-kinder-control-plane-local-kubelet-mode.yaml +++ b/kinder/ci/tools/update-workflows/templates/testinfra/kubeadm-kinder-control-plane-local-kubelet-mode.yaml @@ -1,4 +1,4 @@ -- name: ci-kubernetes-e2e-kubeadm-kinder-cp-kubelet-local-{{ dashVer .KubernetesVersion }} +- name: ci-kubernetes-e2e-kubeadm-kinder-control-plane-kubelet-local-{{ dashVer .KubernetesVersion }} cluster: eks-prow-build-cluster interval: {{ .JobInterval }} decorate: true @@ -7,9 +7,9 @@ preset-kind-volume-mounts: "true" annotations: testgrid-dashboards: sig-cluster-lifecycle-kubeadm - testgrid-tab-name: kubeadm-kinder-cp-kubelet-local-{{ dashVer .KubernetesVersion }} + testgrid-tab-name: kubeadm-kinder-control-plane-kubelet-local-{{ dashVer .KubernetesVersion }} testgrid-alert-email: sig-cluster-lifecycle-kubeadm-alerts@kubernetes.io - description: "OWNER: sig-cluster-lifecycle (kinder); Uses kubeadm/kinder to create a cluster using ControlPlaneKubeletLocalMode to join control-plane and run kubeadm-e2e and the conformance suite" + description: "OWNER: sig-cluster-lifecycle (kinder); Uses kubeadm/kinder to create a cluster using the ControlPlaneKubeletLocalMode feature gate and run the kubeadm-e2e and the conformance suites" testgrid-num-columns-recent: "20" {{ .AlertAnnotations }} decoration_config: diff --git a/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode-tasks.yaml b/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode-tasks.yaml index 917b17ec..bc4311d5 100644 --- a/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode-tasks.yaml +++ b/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode-tasks.yaml @@ -2,7 +2,7 @@ version: 1 summary: | This workflow implements a sequence of tasks used test the proper functioning - of kubeadm not in control plane local kubelet mode during joining control plane. + of the ControlPlaneKubeletLocalMode feature gate. vars: # vars defines default values for variable used by tasks in this workflow; # those values might be overridden when importing this files. @@ -62,6 +62,24 @@ tasks: - --kubeadm-feature-gate="ControlPlaneKubeletLocalMode=true" - --copy-certs=auto timeout: 5m +- name: post-init + description: | + Run commands after kubeadm init is called on a primary CP node to checks if + the kubelet's kubeconfig file points to the local apiserver. + cmd: /bin/bash + args: + - -c + - | + set -x + IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-1)" + CMD="docker exec {{ .vars.clusterName }}-control-plane-1" + + # Ensure kubelet.conf points to the local IP. + ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 + + # Ensure exit status of 0 + exit 0 + timeout: 5m - name: join description: | Join the other nodes to the Kubernetes cluster @@ -74,6 +92,52 @@ tasks: - --kubeadm-verbosity={{ .vars.kubeadmVerbosity }} - --copy-certs=auto timeout: 10m +- name: post-join + description: | + Run commands after kubeadm join is called on all joined CP node to checks if + the kubelet's kubeconfig file points to the local apiserver. + cmd: /bin/bash + args: + - -c + - | + set -x + IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-2)" + CMD="docker exec {{ .vars.clusterName }}-control-plane-2" + + # Ensure kubelet.conf points to the local IP. + ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 + + IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-3)" + CMD="docker exec {{ .vars.clusterName }}-control-plane3" + + # Ensure kubelet.conf points to the local IP. + ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 + + # Ensure exit status of 0 + exit 0 + timeout: 5m +- name: pre-upgrade + description: | + Run commands before kubeadm upgrade is called on all joined CP node to replace + the server in the kubelet's kubeconfig to point to the load balancer. + cmd: /bin/bash + args: + - -c + - | + set -x + + CMD="docker exec {{ .vars.clusterName }}-control-plane-1" + ${CMD} sed 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 + + CMD="docker exec {{ .vars.clusterName }}-control-plane-2" + ${CMD} sed 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 + + CMD="docker exec {{ .vars.clusterName }}-control-plane-3" + ${CMD} sed 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 + + # Ensure exit status of 0 + exit 0 + timeout: 5m - name: upgrade description: | upgrades the cluster to Kubernetes "upgradeVersion" @@ -86,6 +150,31 @@ tasks: - --loglevel=debug - --kubeadm-verbosity={{ .vars.kubeadmVerbosity }} timeout: 15m +- name: post-upgrade + description: | + Run commands after kubeadm upgrade is called on all joined CP node to checks if + the kubelet's kubeconfig file points to the local apiserver. + cmd: /bin/bash + args: + - -c + - | + set -x + + IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-1)" + CMD="docker exec {{ .vars.clusterName }}-control-plane-1" + ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 + + IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-2)" + CMD="docker exec {{ .vars.clusterName }}-control-plane-2" + ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 + + IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-3)" + CMD="docker exec {{ .vars.clusterName }}-control-plane3" + ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 + + # Ensure exit status of 0 + exit 0 + timeout: 5m - name: cluster-info description: | Runs cluster-info diff --git a/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode.yaml b/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode.yaml index dbfec517..a9d1038c 100644 --- a/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode.yaml +++ b/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode.yaml @@ -1,7 +1,7 @@ version: 1 summary: | This workflow tests the proper functioning of the {{ .KubernetesVersion }} version of both kubeadm and Kubernetes using - control plane local kubelet mode to join control plane. + the ControlPlaneKubeletLocalMode feature gate. test grid > https://testgrid.k8s.io/sig-cluster-lifecycle-kubeadm#kubeadm-kinder-control-plane-local-kubelet-mode{{ dashVer .KubernetesVersion }} config > https://git.k8s.io/test-infra/config/jobs/kubernetes/sig-cluster-lifecycle/{{ .TargetFile }} vars: diff --git a/kinder/ci/workflows/control-plane-local-kubelet-mode-latest.yaml b/kinder/ci/workflows/control-plane-local-kubelet-mode-latest.yaml index 7367b915..4ecc6dfb 100644 --- a/kinder/ci/workflows/control-plane-local-kubelet-mode-latest.yaml +++ b/kinder/ci/workflows/control-plane-local-kubelet-mode-latest.yaml @@ -2,7 +2,7 @@ version: 1 summary: | This workflow tests the proper functioning of the latest version of both kubeadm and Kubernetes using - control plane local kubelet mode to join control plane. + the ControlPlaneKubeletLocalMode feature gate. test grid > https://testgrid.k8s.io/sig-cluster-lifecycle-kubeadm#kubeadm-kinder-control-plane-local-kubelet-modelatest config > https://git.k8s.io/test-infra/config/jobs/kubernetes/sig-cluster-lifecycle/kubeadm-kinder-control-plane-local-kubelet-mode.yaml vars: diff --git a/kinder/ci/workflows/control-plane-local-kubelet-mode-tasks.yaml b/kinder/ci/workflows/control-plane-local-kubelet-mode-tasks.yaml index 03068913..4138f2d9 100644 --- a/kinder/ci/workflows/control-plane-local-kubelet-mode-tasks.yaml +++ b/kinder/ci/workflows/control-plane-local-kubelet-mode-tasks.yaml @@ -3,7 +3,7 @@ version: 1 summary: | This workflow implements a sequence of tasks used test the proper functioning - of kubeadm not in control plane local kubelet mode during joining control plane. + of the ControlPlaneKubeletLocalMode feature gate. vars: # vars defines default values for variable used by tasks in this workflow; # those values might be overridden when importing this files. @@ -63,6 +63,24 @@ tasks: - --kubeadm-feature-gate="ControlPlaneKubeletLocalMode=true" - --copy-certs=auto timeout: 5m +- name: post-init + description: | + Run commands after kubeadm init is called on a primary CP node to checks if + the kubelet's kubeconfig file points to the local apiserver. + cmd: /bin/bash + args: + - -c + - | + set -x + IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-1)" + CMD="docker exec {{ .vars.clusterName }}-control-plane-1" + + # Ensure kubelet.conf points to the local IP. + ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 + + # Ensure exit status of 0 + exit 0 + timeout: 5m - name: join description: | Join the other nodes to the Kubernetes cluster @@ -75,6 +93,52 @@ tasks: - --kubeadm-verbosity={{ .vars.kubeadmVerbosity }} - --copy-certs=auto timeout: 10m +- name: post-join + description: | + Run commands after kubeadm join is called on all joined CP node to checks if + the kubelet's kubeconfig file points to the local apiserver. + cmd: /bin/bash + args: + - -c + - | + set -x + IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-2)" + CMD="docker exec {{ .vars.clusterName }}-control-plane-2" + + # Ensure kubelet.conf points to the local IP. + ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 + + IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-3)" + CMD="docker exec {{ .vars.clusterName }}-control-plane3" + + # Ensure kubelet.conf points to the local IP. + ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 + + # Ensure exit status of 0 + exit 0 + timeout: 5m +- name: pre-upgrade + description: | + Run commands before kubeadm upgrade is called on all joined CP node to replace + the server in the kubelet's kubeconfig to point to the load balancer. + cmd: /bin/bash + args: + - -c + - | + set -x + + CMD="docker exec {{ .vars.clusterName }}-control-plane-1" + ${CMD} sed 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 + + CMD="docker exec {{ .vars.clusterName }}-control-plane-2" + ${CMD} sed 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 + + CMD="docker exec {{ .vars.clusterName }}-control-plane-3" + ${CMD} sed 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 + + # Ensure exit status of 0 + exit 0 + timeout: 5m - name: upgrade description: | upgrades the cluster to Kubernetes "upgradeVersion" @@ -87,6 +151,31 @@ tasks: - --loglevel=debug - --kubeadm-verbosity={{ .vars.kubeadmVerbosity }} timeout: 15m +- name: post-upgrade + description: | + Run commands after kubeadm upgrade is called on all joined CP node to checks if + the kubelet's kubeconfig file points to the local apiserver. + cmd: /bin/bash + args: + - -c + - | + set -x + + IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-1)" + CMD="docker exec {{ .vars.clusterName }}-control-plane-1" + ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 + + IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-2)" + CMD="docker exec {{ .vars.clusterName }}-control-plane-2" + ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 + + IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-3)" + CMD="docker exec {{ .vars.clusterName }}-control-plane3" + ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 + + # Ensure exit status of 0 + exit 0 + timeout: 5m - name: cluster-info description: | Runs cluster-info From 8f7cbc8e67cbc333cc20f0452e548e68db7052e9 Mon Sep 17 00:00:00 2001 From: Christian Schlotter Date: Mon, 1 Jul 2024 12:40:22 +0200 Subject: [PATCH 3/3] review fixes --- ...nder-control-plane-local-kubelet-mode.yaml | 4 ++-- ...ontrol-plane-local-kubelet-mode-tasks.yaml | 24 ++++++++++--------- ...ontrol-plane-local-kubelet-mode-tasks.yaml | 24 ++++++++++--------- 3 files changed, 28 insertions(+), 24 deletions(-) diff --git a/kinder/ci/tools/update-workflows/templates/testinfra/kubeadm-kinder-control-plane-local-kubelet-mode.yaml b/kinder/ci/tools/update-workflows/templates/testinfra/kubeadm-kinder-control-plane-local-kubelet-mode.yaml index 13e2e09e..36c0d65d 100644 --- a/kinder/ci/tools/update-workflows/templates/testinfra/kubeadm-kinder-control-plane-local-kubelet-mode.yaml +++ b/kinder/ci/tools/update-workflows/templates/testinfra/kubeadm-kinder-control-plane-local-kubelet-mode.yaml @@ -1,4 +1,4 @@ -- name: ci-kubernetes-e2e-kubeadm-kinder-control-plane-kubelet-local-{{ dashVer .KubernetesVersion }} +- name: ci-kubernetes-e2e-kubeadm-kinder-control-plane-kubelet-local-mode-{{ dashVer .KubernetesVersion }} cluster: eks-prow-build-cluster interval: {{ .JobInterval }} decorate: true @@ -7,7 +7,7 @@ preset-kind-volume-mounts: "true" annotations: testgrid-dashboards: sig-cluster-lifecycle-kubeadm - testgrid-tab-name: kubeadm-kinder-control-plane-kubelet-local-{{ dashVer .KubernetesVersion }} + testgrid-tab-name: kubeadm-kinder-control-plane-kubelet-local-mode-{{ dashVer .KubernetesVersion }} testgrid-alert-email: sig-cluster-lifecycle-kubeadm-alerts@kubernetes.io description: "OWNER: sig-cluster-lifecycle (kinder); Uses kubeadm/kinder to create a cluster using the ControlPlaneKubeletLocalMode feature gate and run the kubeadm-e2e and the conformance suites" testgrid-num-columns-recent: "20" diff --git a/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode-tasks.yaml b/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode-tasks.yaml index bc4311d5..a0b4f790 100644 --- a/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode-tasks.yaml +++ b/kinder/ci/tools/update-workflows/templates/workflows/control-plane-local-kubelet-mode-tasks.yaml @@ -71,7 +71,7 @@ tasks: - -c - | set -x - IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-1)" + IP_ADDRESS="$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-control-plane-1)" CMD="docker exec {{ .vars.clusterName }}-control-plane-1" # Ensure kubelet.conf points to the local IP. @@ -101,14 +101,14 @@ tasks: - -c - | set -x - IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-2)" + IP_ADDRESS="$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-control-plane-2)" CMD="docker exec {{ .vars.clusterName }}-control-plane-2" # Ensure kubelet.conf points to the local IP. ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 - IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-3)" - CMD="docker exec {{ .vars.clusterName }}-control-plane3" + IP_ADDRESS="$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-control-plane-3)" + CMD="docker exec {{ .vars.clusterName }}-control-plane-3" # Ensure kubelet.conf points to the local IP. ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 @@ -126,14 +126,16 @@ tasks: - | set -x + LOAD_BALANCER_IP_ADDRESS=$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-lb) + CMD="docker exec {{ .vars.clusterName }}-control-plane-1" - ${CMD} sed 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 + ${CMD} sed -i 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 CMD="docker exec {{ .vars.clusterName }}-control-plane-2" - ${CMD} sed 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 + ${CMD} sed -i 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 CMD="docker exec {{ .vars.clusterName }}-control-plane-3" - ${CMD} sed 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 + ${CMD} sed -i 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 # Ensure exit status of 0 exit 0 @@ -160,16 +162,16 @@ tasks: - | set -x - IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-1)" + IP_ADDRESS="$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-control-plane-1)" CMD="docker exec {{ .vars.clusterName }}-control-plane-1" ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 - IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-2)" + IP_ADDRESS="$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-control-plane-2)" CMD="docker exec {{ .vars.clusterName }}-control-plane-2" ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 - IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-3)" - CMD="docker exec {{ .vars.clusterName }}-control-plane3" + IP_ADDRESS="$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-control-plane-3)" + CMD="docker exec {{ .vars.clusterName }}-control-plane-3" ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 # Ensure exit status of 0 diff --git a/kinder/ci/workflows/control-plane-local-kubelet-mode-tasks.yaml b/kinder/ci/workflows/control-plane-local-kubelet-mode-tasks.yaml index 4138f2d9..620bf745 100644 --- a/kinder/ci/workflows/control-plane-local-kubelet-mode-tasks.yaml +++ b/kinder/ci/workflows/control-plane-local-kubelet-mode-tasks.yaml @@ -72,7 +72,7 @@ tasks: - -c - | set -x - IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-1)" + IP_ADDRESS="$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-control-plane-1)" CMD="docker exec {{ .vars.clusterName }}-control-plane-1" # Ensure kubelet.conf points to the local IP. @@ -102,14 +102,14 @@ tasks: - -c - | set -x - IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-2)" + IP_ADDRESS="$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-control-plane-2)" CMD="docker exec {{ .vars.clusterName }}-control-plane-2" # Ensure kubelet.conf points to the local IP. ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 - IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-3)" - CMD="docker exec {{ .vars.clusterName }}-control-plane3" + IP_ADDRESS="$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-control-plane-3)" + CMD="docker exec {{ .vars.clusterName }}-control-plane-3" # Ensure kubelet.conf points to the local IP. ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 @@ -127,14 +127,16 @@ tasks: - | set -x + LOAD_BALANCER_IP_ADDRESS=$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-lb) + CMD="docker exec {{ .vars.clusterName }}-control-plane-1" - ${CMD} sed 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 + ${CMD} sed -i 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 CMD="docker exec {{ .vars.clusterName }}-control-plane-2" - ${CMD} sed 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 + ${CMD} sed -i 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 CMD="docker exec {{ .vars.clusterName }}-control-plane-3" - ${CMD} sed 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 + ${CMD} sed -i 's@server: https://.*:6443@server: https://'${LOAD_BALANCER_IP_ADDRESS}':6443@g' /etc/kubernetes/kubelet.conf || exit 1 # Ensure exit status of 0 exit 0 @@ -161,16 +163,16 @@ tasks: - | set -x - IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-1)" + IP_ADDRESS="$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-control-plane-1)" CMD="docker exec {{ .vars.clusterName }}-control-plane-1" ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 - IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-2)" + IP_ADDRESS="$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-control-plane-2)" CMD="docker exec {{ .vars.clusterName }}-control-plane-2" ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 - IP_ADDRESS="$(docker inspect --format='\{\{ .NetworkSettings.IPAddress \}\}' {{ .vars.clusterName }}-control-plane-3)" - CMD="docker exec {{ .vars.clusterName }}-control-plane3" + IP_ADDRESS="$(docker inspect --format='{{ "{{" }} .NetworkSettings.IPAddress {{ "}}" }}' {{ .vars.clusterName }}-control-plane-3)" + CMD="docker exec {{ .vars.clusterName }}-control-plane-3" ${CMD} grep "server: https://${IP_ADDRESS}:6443" /etc/kubernetes/kubelet.conf || exit 1 # Ensure exit status of 0