Skip to content

Commit 1240978

Browse files
xiangpengzhaoxiangpengzhao
committed
Re-engineer the kubeadm join logic.
1 parent d52d160 commit 1240978

File tree

2 files changed

+40
-12
lines changed

2 files changed

+40
-12
lines changed

cmd/kubeadm/app/cmd/join.go

Lines changed: 34 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ import (
2020
"fmt"
2121
"io"
2222
"io/ioutil"
23+
"os"
2324
"path/filepath"
2425
"strings"
2526

@@ -28,6 +29,8 @@ import (
2829
flag "github.com/spf13/pflag"
2930

3031
"k8s.io/apimachinery/pkg/runtime"
32+
"k8s.io/apimachinery/pkg/util/wait"
33+
clientset "k8s.io/client-go/kubernetes"
3134
certutil "k8s.io/client-go/util/cert"
3235
kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
3336
kubeadmapiext "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1alpha1"
@@ -237,9 +240,23 @@ func (j *Join) Run(out io.Writer) error {
237240
return err
238241
}
239242

243+
kubeconfigFile := filepath.Join(kubeadmconstants.KubernetesDir, kubeadmconstants.KubeletBootstrapKubeConfigFileName)
244+
245+
// Write the bootstrap kubelet config file or the TLS-Boostrapped kubelet config file down to disk
246+
if err := kubeconfigutil.WriteToDisk(kubeconfigFile, cfg); err != nil {
247+
return fmt.Errorf("couldn't save bootstrap-kubelet.conf to disk: %v", err)
248+
}
249+
250+
// Write the ca certificate to disk so kubelet can use it for authentication
251+
cluster := cfg.Contexts[cfg.CurrentContext].Cluster
252+
err = certutil.WriteCert(j.cfg.CACertPath, cfg.Clusters[cluster].CertificateAuthorityData)
253+
if err != nil {
254+
return fmt.Errorf("couldn't save the CA certificate to disk: %v", err)
255+
}
256+
240257
// NOTE: flag "--dynamic-config-dir" should be specified in /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
241258
if features.Enabled(j.cfg.FeatureGates, features.DynamicKubeletConfig) {
242-
client, err := kubeconfigutil.ClientSetFromFile(kubeadmconstants.GetAdminKubeConfigPath())
259+
client, err := getTLSBootstrappedClient()
243260
if err != nil {
244261
return err
245262
}
@@ -250,20 +267,25 @@ func (j *Join) Run(out io.Writer) error {
250267
}
251268
}
252269

253-
kubeconfigFile := filepath.Join(kubeadmconstants.KubernetesDir, kubeadmconstants.KubeletBootstrapKubeConfigFileName)
270+
fmt.Fprintf(out, joinDoneMsgf)
271+
return nil
272+
}
254273

255-
// Write the bootstrap kubelet config file or the TLS-Boostrapped kubelet config file down to disk
256-
if err := kubeconfigutil.WriteToDisk(kubeconfigFile, cfg); err != nil {
257-
return err
258-
}
274+
// getTLSBootstrappedClient waits for the kubelet to perform the TLS bootstrap
275+
// and then creates a client from config file /etc/kubernetes/kubelet.conf
276+
func getTLSBootstrappedClient() (clientset.Interface, error) {
277+
fmt.Println("[tlsbootstrap] Waiting for the kubelet to perform the TLS Bootstrap...")
259278

260-
// Write the ca certificate to disk so kubelet can use it for authentication
261-
cluster := cfg.Contexts[cfg.CurrentContext].Cluster
262-
err = certutil.WriteCert(j.cfg.CACertPath, cfg.Clusters[cluster].CertificateAuthorityData)
279+
kubeletKubeConfig := filepath.Join(kubeadmconstants.KubernetesDir, kubeadmconstants.KubeletKubeConfigFileName)
280+
281+
// Loop on every falsy return. Return with an error if raised. Exit successfully if true is returned.
282+
err := wait.PollImmediateInfinite(kubeadmconstants.APICallRetryInterval, func() (bool, error) {
283+
_, err := os.Stat(kubeletKubeConfig)
284+
return (err == nil), nil
285+
})
263286
if err != nil {
264-
return fmt.Errorf("couldn't save the CA certificate to disk: %v", err)
287+
return nil, err
265288
}
266289

267-
fmt.Fprintf(out, joinDoneMsgf)
268-
return nil
290+
return kubeconfigutil.ClientSetFromFile(kubeletKubeConfig)
269291
}

cmd/kubeadm/app/phases/kubelet/kubelet.go

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,9 @@ import (
3939

4040
// CreateBaseKubeletConfiguration creates base kubelet configuration for dynamic kubelet configuration feature.
4141
func CreateBaseKubeletConfiguration(cfg *kubeadmapi.MasterConfiguration, client clientset.Interface) error {
42+
fmt.Printf("[kubelet] Uploading a ConfigMap %q in namespace %s with base configuration for the kubelets in the cluster",
43+
kubeadmconstants.KubeletBaseConfigurationConfigMap, metav1.NamespaceSystem)
44+
4245
_, kubeletCodecs, err := kubeletconfigscheme.NewSchemeAndCodecs()
4346
if err != nil {
4447
return err
@@ -69,6 +72,9 @@ func CreateBaseKubeletConfiguration(cfg *kubeadmapi.MasterConfiguration, client
6972

7073
// UpdateNodeWithConfigMap updates node ConfigSource with KubeletBaseConfigurationConfigMap
7174
func UpdateNodeWithConfigMap(client clientset.Interface, nodeName string) error {
75+
fmt.Printf("[kubelet] Using Dynamic Kubelet Config for node %q; config sourced from ConfigMap %q in namespace %s",
76+
nodeName, kubeadmconstants.KubeletBaseConfigurationConfigMap, metav1.NamespaceSystem)
77+
7278
// Loop on every falsy return. Return with an error if raised. Exit successfully if true is returned.
7379
return wait.Poll(kubeadmconstants.APICallRetryInterval, kubeadmconstants.UpdateNodeTimeout, func() (bool, error) {
7480
node, err := client.CoreV1().Nodes().Get(nodeName, metav1.GetOptions{})

0 commit comments

Comments
 (0)