-
Notifications
You must be signed in to change notification settings - Fork 716
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
handling of extraArgs which are allowed multiple times #1601
Comments
How about the following structure: ---
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
kubernetesVersion: 1.14.2
apiServer:
extraArgs:
- name: "tls-sni-cert-key"
value: "/etc/kubernetes/pki/apiserver.crt,/etc/kubernetes/pki/apiserver.key"
- name: "tls-sni-cert-key"
value: "/etc/kubernetes/pki/mycert.crt,/etc/kubernetes/pki/mykey.key" |
@zbindenren |
for now you'd have to patch your manifest files manually after they are created. there is a WIP alpha feature for 1.16 that will allow you to customize static pods using patches: but i'm keeping this issue open in case we figure a good way to allow multiple keys with the same name. |
@creation-shin-chan that does not actually work. This was just a proposition how it could be implemented. |
@zbindenren In kube-apiserver.yaml manifest (in /etc/kubernetes/manifests), I added these lines.
Therefore, I need So I tried adding At the moment, I need to add the public keys into a single file or manually add |
yes, upgrade will overwrite the existing manifests on disk. that is because it uses the CluserConfiguration in the kubeadm-config ConfigMap as the source of truth and the ClusterConfiguration does not support multiple keys with the same name in a map. please note that using ticket for cluster reconf #970 as mentioned kustomize patches will allow you to patch your changes and preserve them during init and uprade: |
merging with #1413 |
@neolit123 I'm seeing the same issue with I'm not clear how patching afterwards using |
@hickeng |
👀 |
marking as |
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
/remove-lifecycle stale |
Facing the same issue with kubeadm |
for now you have to patch your YAML manually or it should be possible with the |
@neolit123 any plan to change the type arg struct {
key string
value string
} instead of |
we haven't made this fix because it also has to change in the latest API v1beta3. |
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
/remove-lifecycle stale |
/remove-lifecycle stale |
How about
|
Just note we are planning to release v1beta4 in 1.29 release, this is potentially a candidate to fix in the 1.29. Now that we will release a new API, we can just update the
to something like ExtraArgs []Args {
Name string
Value string
} and update all the impacted feature and code path, e.g. |
/help for anyone who want to take this, pls assign this to yourself. |
@chendave: GuidelinesPlease ensure that the issue body includes answers to the following questions:
For more details on the requirements of such an issue, please see here and ensure that they are met. If this request no longer meets these requirements, the label can be removed In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/assign |
@ruquanzhao
|
The current implementation of
extraArgs
in theControlPlaneComponent
is backed by amap[string]string
type and this leads to some problems we're currently facing. For example the api-server allows some arguments multiple times (--service-account-key-file
and--tls-sni-cert-key
). We can't handle this with theextraArgs
type as it is a map which of course does not allow the same key twice and thus overrides previous declarations.Example:
(This is probably also a problem for other control plane components but I haven't checked that.)
Our current approach to solve this, is to "patch" the api-server manifest after the initial setup with kubeadm is complete (ansible playbook). This works quite well as a workaround, but I think kubeadm should allow us to solve this without the need to touch the generated kube-apiserver manifest.
Originally posted by @ghouscht in #1439 (comment)
EDIT by neolit123
implemented in this PR for v1beta4
kubeadm add support for structured ExtraArgs kubernetes#119156
optimize argument.go logic
kubeadm: Optimize the logic to override the arguments kubernetes#121020
TODO
the same problem happens for CLI flags:
kubeadm init phase for apiserver does not accept multi valued flag in extra-args #1413
see the discussion there.
The text was updated successfully, but these errors were encountered: