add a blog to introduce about kubeadm v1beta4 #47248
Conversation
k8s-ci-robot
added
do-not-merge/work-in-progress
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
k8s-ci-robot
added
size/L
✅ Pull request preview available for checkingBuilt without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify site configuration. |
✅ Pull request preview available for checkingBuilt without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify site configuration. |
| - For ClusterConfiguration, we add field including `CertificateValidityPeriod`, `CACertificateValidityPeriod`, `EncryptionAlgorithm`, `DNS.Disabled` and `Proxy.Disabled`. | ||
| - Support `ExtraEnvs` for all control plan components | ||
| - `ExtraArgs` changed from a map to structured extra arguments for duplicates | ||
| - Add a `Timeouts` structure for init, join, upgrade and reset. |
There was a problem hiding this comment.
Please always use the user-facing field names rather than the Go field names when possible. For example, say "imagePullSerial" instead of "ImagePullSerial".
There was a problem hiding this comment.
/cc @neolit123
Do we want to change the style here?
In https://kubernetes.io/docs/reference/config-api/kubeadm-config.v1beta3/, the changes docs are using go fields like the release notes.
In https://kubernetes.io/docs/reference/config-api/kubeadm-config.v1beta3/#resource-types and below, we use the user-facing field names.
There was a problem hiding this comment.
For clarification's purpose. The config API reference is NOT generated directly from the k/k repository for two reasons:
- The package in k/k/cmd/kubeadm is not importable from an external project.
- The comments in the source code are not documenting fields in the way users see them.
What you are reading from k/website is generated from github.com/tengqm/kubeconfig repo, where I manually copied the kubeadm api repository and manually synchronize whatever changes made to k/k/cmd/kubeadm/api.
The "changes" doc are using Go fields because I failed to perform a line-by-line checking when that API was introduced.
There was a problem hiding this comment.
Please always use the user-facing field names rather than the Go field names when possible. For example, say "imagePullSerial" instead of "ImagePullSerial".
i don't mind this format of using the JSON tags. this is something the docs team has been recommending to us on the blog and web pages and i agree with it.
Do we want to change the style here?
however for the style in the go.doc, that's also targeting developers, so i think field names also work.
we could make it simpler to use JSON field names everywhere. but that's like something we can do after 1.31 or another time.
There was a problem hiding this comment.
I add 41b8f05 to make most places using user facing field names.
| - For ClusterConfiguration, we add field including `CertificateValidityPeriod`, `CACertificateValidityPeriod`, `EncryptionAlgorithm`, `DNS.Disabled` and `Proxy.Disabled`. | ||
| - Support `ExtraEnvs` for all control plan components | ||
| - `ExtraArgs` changed from a map to structured extra arguments for duplicates | ||
| - Add a `Timeouts` structure for init, join, upgrade and reset. |
There was a problem hiding this comment.
Please always use the user-facing field names rather than the Go field names when possible. For example, say "imagePullSerial" instead of "ImagePullSerial".
i don't mind this format of using the JSON tags. this is something the docs team has been recommending to us on the blog and web pages and i agree with it.
Do we want to change the style here?
however for the style in the go.doc, that's also targeting developers, so i think field names also work.
we could make it simpler to use JSON field names everywhere. but that's like something we can do after 1.31 or another time.
k8s-ci-robot
added
the
sig/cluster-lifecycle
k8s-ci-robot
added
size/M
k8s-ci-robot
added
size/L
| The documentation is maintained in the | ||
| [code](https://github.com/kubernetes/kubernetes/blob/master/cmd/kubeadm/app/apis/kubeadm/v1beta4/doc.go) | ||
| and generated for the kubernetes.io website. |
There was a problem hiding this comment.
I don't think readers will want to know this detail.
| The documentation is maintained in the | |
| [code](https://github.com/kubernetes/kubernetes/blob/master/cmd/kubeadm/app/apis/kubeadm/v1beta4/doc.go) | |
| and generated for the kubernetes.io website. |
There was a problem hiding this comment.
OK to remove this. But for kube contributors, this is still a thing that they should know.
|
/hold OK to unhold once:
(wait for both conditions to be met) |
k8s-ci-robot
added
the
do-not-merge/hold
| - Add a `certificateValidityPeriod` and `caCertificateValidityPeriod` fields to `ClusterConfiguration`. These fields | ||
| can be used to control the validity period of certificates generated by kubeadm during sub-commands such as `init`, | ||
| `join`, `upgrade` and `certs`. Default values continue to be 1 year for non-CA certificates and 10 years for CA | ||
| certificates. Only non-CA certificates continue to be renewable by `kubeadm certs renew`. |
There was a problem hiding this comment.
That last sentence confuses me. Which of these do we mean:
- there is no change to which certificates you can renew using
kubeadm certs renew; as in previous minor releases, only leaf certificates can be renewed. - changed the behavior of
kubeadm certs renew. In kubeadm v1.31, you can only renew leaf certificates; if you need to renew or replace any CA certificate (either the trust anchor or an intermediate certificate), you must now find an alternative mechanism.
Let's help readers by rewording, so that only one meaning makes sense.
There was a problem hiding this comment.
The first one.
No behavior change here.
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
LGTM label has been added. Git tree hash: bffe6fc6ec20be5442b7dafb287e65d8ceac0182
|
There was a problem hiding this comment.
Filename nit; did you mean content/en/blog/_posts/2024-08-23-kubeadm-v1beta4.md?
k8s-ci-robot
removed
the
lgtm
|
/lgtm 🛑 Do not unhold until Kubernetes v1.31 is released 🛑 |
k8s-ci-robot
added
the
lgtm
|
LGTM label has been added. Git tree hash: 062f7ae1cb5828b48dc16824f6eef4025ac4c953
|
k8s-ci-robot
added
the
approved
🛑 Do not unhold until Kubernetes v1.31 is released 🛑 |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: SataQiu, sftim The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/unhold Kubernetes v1.31 has been released. |
k8s-ci-robot
removed
the
do-not-merge/hold
kubernetes/kubeadm#2890