The flags for control-plane component manifest under 'upgrade diff'
and the --feture-gates flag were deprecated and NOOP in 1.31
and can be removed in 1.32.
The flag --print-manifest is only present for the subphases of
'kubeadm init phase addon'. It needs to be allowed to be mixed
with the flag --config so that the user can pass their custom
config that will affect the output of the printed manifests.
v1beta3.ClusterConfiguration.APIServer.TimeoutForControlPlane
must be migrated to {Init|Join}Configuration.Timeouts.
.ControlPlaneComponentHealthCheck.
To achieve this sort of cross-Kind migration do the following:
- Use a temporary, thread-safe variable in timeoututils.go
- Make the order of GVKs in documentMapToInitConfiguration
deterministic.
Instead of defaulting ExtraEnvs for CP components to an empty
slice when converting from/to v1beta3 keep it nil.
This allows for expecting a nil value in the internal
config, similarly to ExtraArgs.
- Include some more examples related to v1beta4 in the doc.go.
- Fix some typos in v1beta4 field comments.
- Add missing JSON tag for UpgradeConfiguration.Apply.SkipPhases.
After the introduction of v1beta4 if the user inputs the old
v1beta3 discovery timeout the value is ignored. Fix that
by introducing a conversion to v1beta4.
Co-authored-by: penghez (GitHub handle)
Add Upgrade{Apply|Node}Configuration.{ImagePullPolicy|ImagePullSerial}.
The same feature already exists in NodeRegistrationOptions for
{Init|Join}Configuration.
Allow the user to pass custom cert validity period with
ClusterConfiguration.CertificateValidityPeriod and
CACertificateValidityPeriod.
The defaults remain 1 year for regular cert and 10 years for CA.
Show warnings if the provided values are more than the defaults.
Additional changes:
- In "certs show-expiration" use HumanDuration() to print
more detailed durations instead of ShortHumanDuration().
- Add a new kubeadm util GetStartTime() which can be used
to consistently get a UTC time for tasks like writing certs
and unit tests.
- Update unit tests to validate the new customizable NotAfter.
Follow the same process of adding the Timeouts struct
to UpgradeConfiguration similarly to how it was done for
other API Kinds.
In the Timeouts struct include one new timeout:
- UpgradeManifests
Previous v1beta4 work added support for
ClusterConfiguration.EncryptionAlgorithm, however the possible
values were limited to just "RSA" (2048 key size) and "ECDSA" (P256).
Allow more arbitrary algorithm types, that can also include key size
or curve type encoded in the name:
"RSA-2048" (default), "RSA-3072", "RSA-4096" or "ECDSA-P256".
Update the deprecation notice of the PublicKeysECDSA FeatureGate
as ideally it should be removed only after v1beta3 is removed.
Currently, timeouts are only accessible if a kubeadm runtime.Object{}
like InitConfiguration is passed around.
Any time a config is loaded or defaulted, store the Timeouts
structure in a thread-safe way in the main kubeadm API package
with SetActiveTimeouts(). Optionally, a deep-copy can be
performed before calling SetActiveTimeouts(). Make this struct
accessible with GetActiveTimeouts(). Ensure these functions
are thread safe.
On init() make sure the struct is defaulted, so that unit
tests can work with these values.
The struct is included in InitConfiguration, JoinConfiguration
and ResetConfiguration.
Add conversion and update defaulters and fuzzers.
Include a timeoututils.go that contains a function
to default the internal Timeouts struct.
Add new a v1beta4.ResetConfiguration.UnmountFlags field that
can be used to pass in Linux unmount2() flags such as MNT_FORCE.
Default value continues to be 0 - i.e. no flags.
Turn on FeatureGate MergeCLIArgumentsWithConfig to keep the legacy way of management of
ignorePreflightErrors, which means the value defined by the flag `ignore-preflight-errors`
will be merged with the value `ignorePreflightErrors` defined in the config file.
Otherwise, the value defined by the flag will replace the value from the config file if set.
Signed-off-by: Dave Chen <dave.chen@arm.com>
