New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
kubeadm: support kubeadm join --dry-run #103027
kubeadm: support kubeadm join --dry-run #103027
Conversation
Hi @Haleygo. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
6eea44b
to
2d87eb7
Compare
/ok-to-test |
2d87eb7
to
fe349f6
Compare
/retest |
// If we're dry-running, set CertificatesDir to default value to get the right cert path in static pod yaml | ||
if data.DryRun() { | ||
cfg.CertificatesDir = filepath.Join(kubeadmconstants.KubernetesDir, kubeadmconstants.DefaultCertificateDir) | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
but during dryrun the directory where the certs were written is now data.CertificateWriteDir().
are you getting errors if this is not added here?
[1]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It won't get errors here, but if I don't change it, it will write tmp cert dir path to static pod yaml instead of "/etc/kubernetes/pki/".
And If I remake CreateStaticPodFiles() to accept path directly, GetStaticPodSpecs need to do the same and other places that use them.
any suggestion? @neolit123
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
making these functions accept a directory seems like a good idea for dry-run / testing?
...that likely is going to make this change a lot bigger though.
// If we're dry-running, download certs to tmp dir | ||
if data.DryRun() { | ||
cfg.CertificatesDir = data.CertificateWriteDir() | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
related question to [1]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually, it's very tricky to set CertificatesDir during the whole dry-run process.
First, I need to download certs to the right tmp dir but I can't pass data.CertificateWriteDir() to copycerts.DownloadCerts and certsphase.CreatePKIAssets directly. And remake the args of those two func will be a big work.
Then, when it comes to CreateStaticPodFiles(), CertificatesDir should be set as "/etc/kubernetes/pki" cause it will be written into static pod yaml and printed later, so I change it again
thank you very much for the efforts @Haleygo one problem is code freeze (for 1.22) is next week (July 8th) and we need to make sure that if we are going to merge this it does not make regressions...so that is a bit of a concern. in the meantime, more reviews from others are appreciated. |
of course, in the meantime, I will do more test on this. |
2d0bbae
to
3d6c2d5
Compare
i will get back to reviewing this PR after code freeze for 1.22. |
would you have time to work on this again @Haleygo ? |
3d6c2d5
to
25d209f
Compare
@neolit123 Sure thing, done. |
^ found one potential problem. about these comments: i think it's still not ideal that we are mutating a |
+1, maybe create another task? and I would like to help with that. |
sure, you can open an issue with some details in kubernetes/kubeadm and assign yourself. |
25d209f
to
95e000f
Compare
/lgtm thanks, let's see if we get some failures after the change. |
/retest |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: Haleygo, neolit123 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What type of PR is this?
/kind feature
What this PR does / why we need it:
add --dry-run flag for "kubeadm join", run "kubeadm join --dry-run" to see what would be done
Which issue(s) this PR fixes:
Fixes kubernetes/kubeadm#2505
Special notes for your reviewer:
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: