Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add print-manifest flag to print addon manifests to STDOUT #109995

Merged
merged 1 commit into from Jun 8, 2022
Merged

add print-manifest flag to print addon manifests to STDOUT #109995

merged 1 commit into from Jun 8, 2022

Conversation

wangyysde
Copy link
Member

@wangyysde wangyysde commented May 12, 2022
edited by k8s-ci-robot

Signed-off-by: wangyysde net_use@bzhy.com

What type of PR is this?

What this PR does / why we need it:

It can be useful to allow kubeadm users to skip addons but still be able to obtain the addon manifests that kubeadm will apply for version X. This PR add print-manifest flag to support printing addon manifests to STDOUT.

Which issue(s) this PR fixes:

Fixes kubernetes/kubeadm#2681

Special notes for your reviewer:

Does this PR introduce a user-facing change?

kubeadm: add support for the flag "--print-manifest" to the addon phases "kube-proxy" and "coredns" of "kubeadm init phase addon". If this flag is used kubeadm will not apply a given addon and instead print to the terminal the API objects that will be applied.

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

NONE

@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/needs-kind Indicates a PR lacks a `kind/foo` label and requires one. do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. labels May 12, 2022
@k8s-ci-robot k8s-ci-robot added area/kubeadm sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. and removed do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels May 12, 2022
@k8s-ci-robot k8s-ci-robot added area/provider/gcp Issues or PRs related to gcp provider sig/cloud-provider Categorizes an issue or PR as relevant to SIG Cloud Provider. labels May 12, 2022
@k8s-ci-robot k8s-ci-robot added area/code-generation sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. labels May 13, 2022
@wangyysde wangyysde force-pushed the fix_issue_2681 branch 2 times, most recently from 5435e3c to 63825ed Compare May 13, 2022 09:26
neolit123
neolit123 reviewed May 16, 2022
View reviewed changes
cmd/kubeadm/app/cmd/init.go Outdated
Comment on lines 295 to 298
flagSet.BoolVar(
&initOptions.printManifest, options.PrintManifest, initOptions.printManifest,
"Print the addon manifests to STDOUT instead of install them.",
)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think we should not add the flag to the main init or init phase addon, but only to the addon phases:

  • init phase addon coredns --print-manifest
  • init phase addon kube-proxy --print-manifest

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. I will move the flag to the addon phases

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Print the addon manifests to STDOUT instead of install them.
->
Print the addon manifest to STDOUT instead of installing them.

Copy link
Member

@neolit123 neolit123 May 17, 2022
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The plural form is correct here (with s / them) or we can remove "s" and have "it". We can adjust the message again once the rest of the code org is done.

neolit123
neolit123 reviewed May 16, 2022
View reviewed changes
Copy link
Member

@neolit123 neolit123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for the PR @wangyysde
i've added a few comments.

basically what we want is the following:

  • add the new flag only to the addon phases them self, but not to the parent addon command or init.
  • Ensure* addon functions can accept the printManifest bool flag, but do the printing on an io.Writer and not always to STDOUT.

that seems like the easiest refactor.
please let me know if you have questions.

/cc @pacoxu
PTAL for reviews too if you have time.

@k8s-ci-robot k8s-ci-robot requested a review from pacoxu May 16, 2022 14:18
@neolit123
Copy link
Member

/remove-area code-generation provider/gcp
/ kind feature
/priority backlog
/triage accepted
/remove-sig api-machinery cloud-provider

@k8s-ci-robot k8s-ci-robot added the priority/backlog Higher priority than priority/awaiting-more-evidence. label May 16, 2022
neolit123
neolit123 reviewed Jun 6, 2022
View reviewed changes
Copy link
Member

@neolit123 neolit123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@wangyysde thanks for continuing to work on this.
added a few minor comments, but it seems we are going to be able to merge this soon.

cmd/kubeadm/app/phases/addons/dns/dns.go
fmt.Fprintf(out, "%s\n", []byte(CoreDNSServiceAccount))
return nil
}

if err := createCoreDNSAddon(coreDNSDeploymentBytes, coreDNSServiceBytes, coreDNSConfigMapBytes, client); err != nil {
return err
}
Copy link
Member

@neolit123 neolit123 Jun 6, 2022
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's use the fmt.Println(out, ...) instead of fmt.Println("[addons] Applied essential addon: CoreDNS") on the line below (154), given we now have the proper target passed to this function.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok .

cmd/kubeadm/app/phases/addons/proxy/proxy.go Outdated
if err := CreateServiceAccount(client); err != nil {
return errors.Wrap(err, "error when creating kube-proxy service account")
}
func EnsureProxyAddon(cfg *kubeadmapi.ClusterConfiguration, localEndpoint *kubeadmapi.APIEndpoint, client clientset.Interface, out io.Writer, printManifest bool) error {

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's remove this empty line (side cleanup)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thks.

cmd/kubeadm/app/phases/addons/proxy/proxy.go Outdated
}

fmt.Println("[addons] Applied essential addon: kube-proxy")
return nil
}

// CreateServiceAccount creates the necessary serviceaccounts that kubeadm uses/might use, if they don't already exist.
func CreateServiceAccount(client clientset.Interface) error {
// Create Sa, RBACRules or print manifests of them to out if printManifest is true
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// Create Sa, RBACRules or print manifests of them to out if printManifest is true
// Create SA, RBACRules or print manifests of them to out if printManifest is true

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thks.

cmd/kubeadm/app/phases/addons/proxy/proxy.go Outdated
// CreateServiceAccount creates the necessary serviceaccounts that kubeadm uses/might use, if they don't already exist.
func CreateServiceAccount(client clientset.Interface) error {
// Create Sa, RBACRules or print manifests of them to out if printManifest is true
func CreateSARBACRules(cmByte []byte, dsByte []byte, client clientset.Interface, out io.Writer, printManifest bool) error {
Copy link
Member

@neolit123 neolit123 Jun 6, 2022
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we make this function private. also maybe we can call it printOrCreateKubeProxyObjects()?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have renamed the function to printOrCreateKubeProxyObjects

cmd/kubeadm/app/phases/addons/proxy/proxy.go Outdated Show resolved Hide resolved
@wangyysde wangyysde requested a review from neolit123 June 7, 2022 06:20
@wangyysde
Copy link
Member Author

I have modified this PR. @neolit123 @pacoxu Could you review it again? Thks!

neolit123
neolit123 reviewed Jun 7, 2022
View reviewed changes
Copy link
Member

@neolit123 neolit123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

good job, thanks!

@k8s-ci-robot k8s-ci-robot added lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels Jun 7, 2022
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: neolit123, wangyysde

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 7, 2022
@neolit123
Copy link
Member

tide — Not mergeable. PR has a merge conflict.

looks like some PRs just merged and this needs a quick rebase.

@neolit123
Copy link
Member

neolit123 commented Jun 7, 2022
edited

so i tested it locally and there are some minor problems, but overall this is working as expected.
/hold

1. the client should not be needed when we print manifests

kubeadm init phase addon kube-proxy --print-manifest
error execution phase addon/kube-proxy: failed to load admin kubeconfig: open /etc/kubernetes/admin.conf: no such file or directory
To see the stack trace of this error execute with --v=5 or higher

kubeadm init phase addon coredns --print-manifest
error execution phase addon/coredns: failed to load admin kubeconfig: open /etc/kubernetes/admin.conf: no such file or directory
To see the stack trace of this error execute with --v=5 or higher

this can be avoided with a simple fix:

diff --git a/cmd/kubeadm/app/cmd/phases/init/addons.go b/cmd/kubeadm/app/cmd/phases/init/addons.go
index c31eb779fd1..47fa070ae69 100644
--- a/cmd/kubeadm/app/cmd/phases/init/addons.go
+++ b/cmd/kubeadm/app/cmd/phases/init/addons.go
@@ -90,9 +90,13 @@ func getInitData(c workflow.RunData) (*kubeadmapi.InitConfiguration, clientset.I
                return nil, nil, nil, errors.New("addon phase invoked with an invalid data struct")
        }
        cfg := data.Cfg()
-       client, err := data.Client()
-       if err != nil {
-               return nil, nil, nil, err
+       var client clientset.Interface
+       var err error
+       if !printManifest {
+               client, err = data.Client()
+               if err != nil {
+                       return nil, nil, nil, err
+               }
        }
 
        out := data.OutputWriter()

2. even if we pass --print-manifest the lines:

[addons] Applied essential addon: kube-proxy / coredns

are printed. we should only print them if we are actually applying the addons.

3. when the manifests are printed there are extra new lines around the ---. can we avoid these somehow?

example - currently it's:

...
  verbs:
  - get

---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  creationTimestamp: null
  name: kube-proxy
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: kube-proxy
subjects:
- kind: Group
  name: system:bootstrappers:kubeadm:default-node-token

---

kind: ConfigMap
apiVersion: v1
metadata:
  name: kube-proxy
...

should be:

...
  verbs:
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  creationTimestamp: null
  name: kube-proxy
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: kube-proxy
subjects:
- kind: Group
  name: system:bootstrappers:kubeadm:default-node-token
---
kind: ConfigMap
apiVersion: v1
metadata:
  name: kube-proxy
...

the idea is to have:

---
manifest1
---
manifest2

instead of:

---
manifest1


---

manifest2

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jun 7, 2022
@wangyysde
add print-manifest flag to print addon manifests to STDOUT
e863ebb 
Signed-off-by: wangyysde <net_use@bzhy.com>
@k8s-ci-robot k8s-ci-robot removed lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels Jun 8, 2022
@wangyysde
Copy link
Member Author

/test pull-kubernetes-e2e-kind

@wangyysde wangyysde requested a review from neolit123 June 8, 2022 08:37
@wangyysde
Copy link
Member Author

@neolit123 @pacoxu
I have modified this PR. Could you review it again? Thanks.

  1. the client should not be needed when we print manifests

Thks. I have modified it.

  1. even if we pass --print-manifest the lines:

This bug has be fixed. thks.

when the manifests are printed there are extra new lines around the ---. can we avoid these somehow?

New lines have been omitted.

@pacoxu
Copy link
Member

pacoxu commented Jun 8, 2022

/lgtm
👍

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 8, 2022
@neolit123
Copy link
Member

/hold cancel
tested locally and works fine from what i saw.

thanks again.

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jun 8, 2022
@neolit123
Copy link
Member

/retest

@k8s-ci-robot k8s-ci-robot merged commit 0985c47 into kubernetes:master Jun 8, 2022
@k8s-ci-robot k8s-ci-robot added this to the v1.25 milestone Jun 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SataQiu SataQiu Awaiting requested review from SataQiu

@pacoxu pacoxu Awaiting requested review from pacoxu

@neolit123 neolit123 Awaiting requested review from neolit123

Assignees

@neolit123 neolit123

@pacoxu pacoxu

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/kubeadm cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/feature Categorizes issue or PR as related to a new feature. lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/backlog Higher priority than priority/awaiting-more-evidence. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
v1.25
Development

Successfully merging this pull request may close these issues.

support printing addon manifests to STDOUT with a flag
4 participants
@wangyysde @neolit123 @pacoxu @k8s-ci-robot