kubeadm: better default NodeName based on machine-id #52625
Conversation
k8s-ci-robot
added
size/M
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: anguslees Assign the PR to them by writing Associated issue: 144 The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
|
Adding do-not-merge/release-note-label-needed because the release note process has not been followed. |
k8s-github-robot
added
the
do-not-merge/release-note-label-needed
|
Discuss. I appreciate that I'm walking into a minefield here. |
|
Other "better" defaults might be something based on POSIX The general idea is that a) we have lots of actually-unique identifiers around us to choose from, and b) it's only the default - the value will be "frozen" in the etcd node data, and presumably on the kubelet as the increasingly-inaccurately-named |
NodeName != hostname. - NodeName needs to be unique (cluster-wide) - System hostname (aka utsname.nodename) may not be unique, particularly on cloud providers that don't provide internal DNS (eg: openstack). - System hostname can change in response to DHCP/DNS replies (eg kubernetes/kubeadm#144) - NodeName does not need to resolve (historically this was true however) This patch alters the `--node-name` default to "node-%m" if `/etc/machine-id` is available, otherwise falls back to the existing hostname logic. Also: Rename the pre-flight `HostnameCheck` to `NodenameCheck` to reduce confusion, and remove the unnecessary warning when the NodeName fails to resolve.
anguslees
force-pushed
the
kubeadm-nodename
branch
from
ab56f70 to
f515e4e
Compare
|
@anguslees: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
@anguslees PR needs rebase |
k8s-github-robot
added
the
needs-rebase
|
@anguslees This would be a breaking change. Why would you like your machine id to be the node name? |
|
I agree with @luxas here. |
Hrm. I agree, but it shouldn't be. On the kubeadm side, this only changes the initial default used when joining a new node, and will have no effect on existing nodes. Nodes created under the old scheme can coexist with the new scheme just fine, since k8s just treats the nodename as an opaque unique identifier. The value we use here does have to be coordinated with the kubelet's value for Do we have an existing plan around kubelet bootstrap flags (required before dynamic kubelet conf can take over)? Shall I expand this PR to move this kubelet option into a distro-agnostic
For the reasons cited in the original comment: the machine id is unique and fixed for the lifetime of the root filesystem, unlike the system hostname. The system hostname is not a great choice for a unique ID. |
|
The use case here flummoxes me, and I'd like to close. @anguslees could you describe in more detail how the current configuration fails under a certain environment. |
|
@timothysc My apologies, I thought the use case was more broadly understood, and the original comment would be sufficient context - let me explain further: My personal example is a baremetal cluster composed of mixed coreos and an in-house minimal-image distro. The nodes are all PXE-installed and get addresses via DHCP. Nothing allocates unique hostnames for them in DNS, so they all have the default system hostname ( Another use case I have experience with is OpenStack clusters. There is no internal-DNS in typical openstack setups (unlike GCE, for example), and so configuring unique hostnames requires additional processes to ensure that openstack instance names are never reused (openstack instance names are not usually unique IDs). In addition, there are some (eg: DHCP, dynamic DNS) environments where the hostname is assigned by the network, and may change over the lifetime of the machine. For all these reasons, "hostname" is simply not a good source for a unique/static machine ID. This PR uses @timothysc Is that clearer? If this needs to be discussed in some other forum first, I would welcome a guide through the required bureaucracy. |
|
@anguslees Thanks for the details, but this more the exception than the norm. |
|
@timothysc I feel you haven't engaged with the central issue here that Would a combined solution be more palatable? We could append a unique value to |
|
The defaults work for 80% of standard use cases, and I understand that they don't work for a smaller subset. I'm ok with adding an option to allow an override, but not currently changing the default for now seems like a reasonable approach to get what you want. The reason I don't want to change the default is legacy operators are used to their setup and environment and don't have your specific issue b/c their hostnames are unique. I'm more concerned about standard UX, then strict correctness. |
|
time to close this? please reopen if needed /close |
NodeName != hostname.
particularly on cloud providers that don't provide internal DNS (eg:
openstack).
(eg Node names change after reboot from short hostname to fqdn kubeadm#144)
This patch alters the
--node-namedefault to "node-%m" if/etc/machine-idis available, otherwise falls back to the existinghostname logic.
Also: Rename the pre-flight
HostnameChecktoNodenameChecktoreduce confusion, and remove the unnecessary warning when the NodeName
fails to resolve.
What this PR does / why we need it:
Which issue this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close that issue when PR gets merged): fixes #Special notes for your reviewer:
Release note: