They were deprecated in etcd 3.6.0 and were removed in 3.7.0:
https://github.com/etcd-io/etcd/pull/19959
InitialCorruptCheck is now a behind Etcd feature gate. The new flags are
set based on provided k8s version.
Signed-off-by: Aleksander Mistewicz <amistewicz@google.com>
Start using a named port 'probe-port' for all probes in all the control
plane components static pod manifests - kube-apiserver,
kube-controller-manage, kube-scheduler, etcd.
Users who previously patched the probes with custom values must now
switch to patching the named port too.
The previous message incorrectly used `JoinConfigurationKind`,
which is unrelated, as `documentMapToResetConfiguration` function
only processes ResetConfiguration.
- Replace usage of pkg/errors with the local util/errors.
- Run kinder/hack/orderimports tool from kubeadm repo to
order the imports in the source tree.
pkg/errors is archived and while there is go-errors/errors as
an alternative, it lacks wraping methods. kubeadm has
specific neends and it's better to implement something
minimal locally instead of introducing another depedency.
- Implement basic wrapped errors and stack trace support.
cmd/kubeadm/app/util/errors.
- Remove unused error codes >1. At some point it seems we broke
these and 1 was returned for all error types.
- Remove the Error type in preflight and separate the printing
of '[preflight]' message and the error return from preflight
checks.
- Print an 'error:' prefix for all errors.
Recently in PR 131741 the kubeadm fixture for cluster-info
in dryrun.go was updated to remove the 'preferences' struct.
This means that the hardcoded JWS signature of the cluster-info
fixture must also be updated.
Update the signature to the expected one to fix e2e
failures in dryrun-latest.
https://testgrid.k8s.io/sig-cluster-lifecycle-kubeadm#kubeadm-kinder-dryrun-latest
This commit introduces support for using ECDSA P-384 as an encryption
algorithm for generating certificates and keys within kubeadm.
The following changes are included:
- Defined the `EncryptionAlgorithmECDSAP384` constant in the kubeadm API types.
- Updated API documentation to reflect the new algorithm option ("ECDSA-P384").
- Added validation for `ECDSA-P384` in the cluster configuration.
- Implemented key generation logic for ECDSA P-384 keys in `pkiutil`
(using `elliptic.P384()`).
- Added corresponding unit tests to verify the new algorithm's functionality
in `pkiutil`.
This allows users to choose ECDSA P-384 for
kubeadm-managed clusters.
When the kube-apiserver has --anonymous-auth=false,
the regular http.Client.Get() that WaitForAllControlPlaneComponents
does will not work.
Always use the discovery client when checking the health status
of the kube-apiserver.
Do a minor rework of struct fields and unit tests.
Replace nil client in cmd/phases/join/waitcontrolplane.go.
