diff --git a/bootstrap/kubeadm/api/v1beta1/kubeadm_types.go b/bootstrap/kubeadm/api/v1beta1/kubeadm_types.go index 458eefaa24f9..09f44c88f555 100644 --- a/bootstrap/kubeadm/api/v1beta1/kubeadm_types.go +++ b/bootstrap/kubeadm/api/v1beta1/kubeadm_types.go @@ -226,7 +226,7 @@ type BottlerocketKubernetesSettings struct { // ContainerLogMaxFiles specifies the maximum number of container log // files that can be present for a container - ContainerLogMaxFiles int `json:"containerLogMaxFiles,omitempty"` + ContainerLogMaxFiles *int `json:"containerLogMaxFiles,omitempty"` // ContainerLogMaxSize is a quantity defining the maximum size of // the container log file before it is rotated @@ -246,17 +246,17 @@ type BottlerocketKubernetesSettings struct { CPUManagerReconcilePeriod *v1.Duration `json:"cpuManagerReconcilePeriod,omitempty"` // EventBurst is the maximum size of a burst of event creations. - EventBurst int `json:"eventBurst,omitempty"` + EventBurst *int `json:"eventBurst,omitempty"` // EventRecordQPS is the maximum event creations per second. - EventRecordQPS int `json:"eventRecordQPS,omitempty"` + EventRecordQPS *int `json:"eventRecordQPS,omitempty"` // EvictionHard is a map of signal names to quantities that defines hard eviction thresholds. EvictionHard map[string]string `json:"evictionHard,omitempty"` // EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use // when terminating pods in response to a soft eviction threshold being met. - EvictionMaxPodGracePeriod int `json:"evictionMaxPodGracePeriod,omitempty"` + EvictionMaxPodGracePeriod *int `json:"evictionMaxPodGracePeriod,omitempty"` // EvictionSoft is a map of signal names to quantities that defines soft eviction thresholds. EvictionSoft map[string]string `json:"evictionSoft,omitempty"` @@ -267,38 +267,35 @@ type BottlerocketKubernetesSettings struct { // ImageGCHighThresholdPercent is the percent of disk usage after which image garbage // collection is always run. - ImageGCHighThresholdPercent int `json:"imageGCHighThresholdPercent,omitempty"` + ImageGCHighThresholdPercent *int `json:"imageGCHighThresholdPercent,omitempty"` // ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run. - ImageGCLowThresholdPercent int `json:"imageGCLowThresholdPercent,omitempty"` + ImageGCLowThresholdPercent *int `json:"imageGCLowThresholdPercent,omitempty"` // KubeAPIBurst is the burst to allow while talking with kubernetes API server. - KubeAPIBurst int `json:"kubeAPIBurst,omitempty"` + KubeAPIBurst *int `json:"kubeAPIBurst,omitempty"` // KubeAPIQPS is the QPS to use while talking with kubernetes apiserver. - KubeAPIQPS int `json:"kubeAPIQPS,omitempty"` + KubeAPIQPS *int `json:"kubeAPIQPS,omitempty"` // KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources // reserved for kubernetes system components KubeReserved map[string]string `json:"kubeReserved,omitempty"` // MaxPods defines the maximum number of pods that can run on a node. - MaxPods int `json:"maxPods,omitempty"` + MaxPods *int `json:"maxPods,omitempty"` // MemoryManagerPolicy is the name of the policy to use by memory manager. MemoryManagerPolicy string `json:"memoryManagerPolicy,omitempty"` // PodPidsLimit is the maximum number of PIDs in any pod. - PodPidsLimit int64 `json:"podPidsLimit,omitempty"` - - // ProviderID sets the unique ID of the instance that an external provider. - ProviderID string `json:"providerID,omitempty"` + PodPidsLimit *int64 `json:"podPidsLimit,omitempty"` // RegistryBurst is the maximum size of bursty pulls. - RegistryBurst int `json:"registryBurst,omitempty"` + RegistryBurst *int `json:"registryBurst,omitempty"` // RegistryPullQPS is the limit of registry pulls per second. - RegistryPullQPS int `json:"registryPullQPS,omitempty"` + RegistryPullQPS *int `json:"registryPullQPS,omitempty"` // ShutdownGracePeriod specifies the total duration that the node should delay // the shutdown and total grace period for pod termination during a node shutdown. @@ -470,7 +467,6 @@ type APIEndpoint struct { // NodeRegistrationOptions holds fields that relate to registering a new control-plane or node to the cluster, either via "kubeadm init" or "kubeadm join". // Note: The NodeRegistrationOptions struct has to be kept in sync with the structs in MarshalJSON. type NodeRegistrationOptions struct { - // Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. // This field is also used in the CommonName field of the kubelet's client certificate to the API server. // Defaults to the hostname of the node if not provided. diff --git a/bootstrap/kubeadm/api/v1beta1/zz_generated.deepcopy.go b/bootstrap/kubeadm/api/v1beta1/zz_generated.deepcopy.go index 7eb64c625dc3..9c14390f1860 100644 --- a/bootstrap/kubeadm/api/v1beta1/zz_generated.deepcopy.go +++ b/bootstrap/kubeadm/api/v1beta1/zz_generated.deepcopy.go @@ -288,6 +288,11 @@ func (in *BottlerocketKubernetesSettings) DeepCopyInto(out *BottlerocketKubernet *out = make([]string, len(*in)) copy(*out, *in) } + if in.ContainerLogMaxFiles != nil { + in, out := &in.ContainerLogMaxFiles, &out.ContainerLogMaxFiles + *out = new(int) + **out = **in + } if in.CPUCFSQuota != nil { in, out := &in.CPUCFSQuota, &out.CPUCFSQuota *out = new(bool) @@ -305,6 +310,16 @@ func (in *BottlerocketKubernetesSettings) DeepCopyInto(out *BottlerocketKubernet *out = new(v1.Duration) **out = **in } + if in.EventBurst != nil { + in, out := &in.EventBurst, &out.EventBurst + *out = new(int) + **out = **in + } + if in.EventRecordQPS != nil { + in, out := &in.EventRecordQPS, &out.EventRecordQPS + *out = new(int) + **out = **in + } if in.EvictionHard != nil { in, out := &in.EvictionHard, &out.EvictionHard *out = make(map[string]string, len(*in)) @@ -312,6 +327,11 @@ func (in *BottlerocketKubernetesSettings) DeepCopyInto(out *BottlerocketKubernet (*out)[key] = val } } + if in.EvictionMaxPodGracePeriod != nil { + in, out := &in.EvictionMaxPodGracePeriod, &out.EvictionMaxPodGracePeriod + *out = new(int) + **out = **in + } if in.EvictionSoft != nil { in, out := &in.EvictionSoft, &out.EvictionSoft *out = make(map[string]string, len(*in)) @@ -326,6 +346,26 @@ func (in *BottlerocketKubernetesSettings) DeepCopyInto(out *BottlerocketKubernet (*out)[key] = val } } + if in.ImageGCHighThresholdPercent != nil { + in, out := &in.ImageGCHighThresholdPercent, &out.ImageGCHighThresholdPercent + *out = new(int) + **out = **in + } + if in.ImageGCLowThresholdPercent != nil { + in, out := &in.ImageGCLowThresholdPercent, &out.ImageGCLowThresholdPercent + *out = new(int) + **out = **in + } + if in.KubeAPIBurst != nil { + in, out := &in.KubeAPIBurst, &out.KubeAPIBurst + *out = new(int) + **out = **in + } + if in.KubeAPIQPS != nil { + in, out := &in.KubeAPIQPS, &out.KubeAPIQPS + *out = new(int) + **out = **in + } if in.KubeReserved != nil { in, out := &in.KubeReserved, &out.KubeReserved *out = make(map[string]string, len(*in)) @@ -333,6 +373,26 @@ func (in *BottlerocketKubernetesSettings) DeepCopyInto(out *BottlerocketKubernet (*out)[key] = val } } + if in.MaxPods != nil { + in, out := &in.MaxPods, &out.MaxPods + *out = new(int) + **out = **in + } + if in.PodPidsLimit != nil { + in, out := &in.PodPidsLimit, &out.PodPidsLimit + *out = new(int64) + **out = **in + } + if in.RegistryBurst != nil { + in, out := &in.RegistryBurst, &out.RegistryBurst + *out = new(int) + **out = **in + } + if in.RegistryPullQPS != nil { + in, out := &in.RegistryPullQPS, &out.RegistryPullQPS + *out = new(int) + **out = **in + } if in.ShutdownGracePeriod != nil { in, out := &in.ShutdownGracePeriod, &out.ShutdownGracePeriod *out = new(v1.Duration) diff --git a/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigs.yaml b/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigs.yaml index 52fee9cd1921..851c3a7dfa31 100644 --- a/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigs.yaml +++ b/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigs.yaml @@ -3317,10 +3317,6 @@ spec: in any pod. format: int64 type: integer - providerID: - description: ProviderID sets the unique ID of the instance - that an external provider. - type: string registryBurst: description: RegistryBurst is the maximum size of bursty pulls. @@ -4343,10 +4339,6 @@ spec: in any pod. format: int64 type: integer - providerID: - description: ProviderID sets the unique ID of the instance - that an external provider. - type: string registryBurst: description: RegistryBurst is the maximum size of bursty pulls. diff --git a/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigtemplates.yaml b/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigtemplates.yaml index 2e32c47643a8..33edd901a8e4 100644 --- a/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigtemplates.yaml +++ b/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigtemplates.yaml @@ -3295,10 +3295,6 @@ spec: of PIDs in any pod. format: int64 type: integer - providerID: - description: ProviderID sets the unique ID of - the instance that an external provider. - type: string registryBurst: description: RegistryBurst is the maximum size of bursty pulls. @@ -4344,10 +4340,6 @@ spec: of PIDs in any pod. format: int64 type: integer - providerID: - description: ProviderID sets the unique ID of - the instance that an external provider. - type: string registryBurst: description: RegistryBurst is the maximum size of bursty pulls. diff --git a/bootstrap/kubeadm/internal/bottlerocket/bootstrap.go b/bootstrap/kubeadm/internal/bottlerocket/bootstrap.go index 8756d7473d19..4e8b21292729 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bootstrap.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bootstrap.go @@ -3,139 +3,6 @@ package bottlerocket const ( - kubernetesInitTemplate = `{{ define "kubernetesInitSettings" -}} -[settings.kubernetes] -{{- if .ClusterDomain }} -cluster-domain = "{{.ClusterDomain}}" -{{- else }} -cluster-domain = "cluster.local" -{{- end }} -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "{{.PauseContainerSource}}" -{{- if (ne .ProviderID "")}} -provider-id = "{{.ProviderID}}" -{{- end -}} -{{- if .AllowedUnsafeSysctls }} -allowed-unsafe-sysctls = [{{stringsJoin .AllowedUnsafeSysctls ", " }}] -{{- end -}} -{{- if .ClusterDNSIPs }} -cluster-dns-ip = [{{stringsJoin .ClusterDNSIPs ", " }}] -{{- end -}} -{{- if ne .CPUCFSQuota nil }} -cpu-cfs-quota-enforced = {{ .CPUCFSQuota }} -{{- end -}} -{{- if .MaxPods }} -max-pods = {{.MaxPods}} -{{- end -}} -{{- if .ContainerLogMaxFiles }} -container-log-max-files = {{.ContainerLogMaxFiles}} -{{- end -}} -{{- if .ContainerLogMaxSize }} -container-log-max-size = "{{.ContainerLogMaxSize}}" -{{- end -}} -{{- if .CPUManagerPolicy }} -cpu-manager-policy = "{{.CPUManagerPolicy}}" -{{- if .CPUManagerPolicyOptions }} -{{- range $key, $value := .CPUManagerPolicyOptions }} -{{- if (eq $key "full-pcpus-only")}} -cpu-manager-policy-options = ["{{ $key }}"] -{{- end }} -{{- end }} -{{- end }} -{{- end }} -{{- if .CPUManagerReconcilePeriod }} -cpu-manager-reconcile-period = {{.CPUManagerReconcilePeriod}} -{{- end -}} -{{- if .EventBurst }} -event-burst = {{.EventBurst}} -{{- end -}} -{{- if .EventRecordQPS }} -event-qps = {{.EventRecordQPS}} -{{- end -}} -{{- if .EvictionMaxPodGracePeriod }} -eviction-max-pod-grace-period = {{.EvictionMaxPodGracePeriod}} -{{- end -}} -{{- if .ImageGCHighThresholdPercent }} -image-gc-high-threshold-percent = {{.ImageGCHighThresholdPercent}} -{{- end -}} -{{- if .ImageGCLowThresholdPercent }} -image-gc-low-threshold-percent = {{.ImageGCLowThresholdPercent}} -{{- end -}} -{{- if .KubeAPIBurst }} -kube-api-burst = {{.KubeAPIBurst}} -{{- end -}} -{{- if .KubeAPIQPS }} -kube-api-qps = {{.KubeAPIQPS}} -{{- end -}} -{{- if .MemoryManagerPolicy }} -memory-manager-policy = "{{.MemoryManagerPolicy}}" -{{- end -}} -{{- if .PodPidsLimit }} -pod-pids-limit = {{.PodPidsLimit}} -{{- end -}} -{{- if .RegistryBurst }} -registry-burst = {{.RegistryBurst}} -{{- end -}} -{{- if .RegistryPullQPS }} -registry-qps = {{.RegistryPullQPS}} -{{- end -}} -{{- if .ShutdownGracePeriod }} -shutdown-grace-period = {{.ShutdownGracePeriod}} -{{- end -}} -{{- if .ShutdownGracePeriodCriticalPods }} -shutdown-grace-period-for-critical-pods = {{.ShutdownGracePeriodCriticalPods}} -{{- end -}} -{{- if .TopologyManagerPolicy }} -topology-manager-policy = "{{.TopologyManagerPolicy}}" -{{- end -}} -{{- if .TopologyManagerScope }} -topology-manager-scope = "{{.TopologyManagerScope}}" -{{- end -}} -{{- end -}} -` - - evictionHardTemplate = `{{ define "evictionHardSettings" -}} -[settings.kubernetes.eviction-hard] -{{- range $key, $value := .EvictionHard }} -"{{ $key }}" = "{{ $value }}" -{{- end }} -{{- end }} -` - - evictionSoftTemplate = `{{ define "evictionSoftSettings" -}} -[settings.kubernetes.eviction-soft] -{{- range $key, $value := .EvictionSoft }} -"{{ $key }}" = "{{ $value }}" -{{- end }} -{{- end }} -` - - evictionSoftGracePeriodTemplate = `{{ define "evictionSoftGracePeriodSettings" -}} -[settings.kubernetes.eviction-soft-grace-period] -{{- range $key, $value := .EvictionSoftGracePeriod }} -"{{ $key }}" = "{{ $value }}" -{{- end }} -{{- end }} -` - - kubeReservedTemplate = `{{ define "kubeReservedSettings" -}} -[settings.kubernetes.kube-reserved] -{{- range $key, $value := .KubeReserved }} -{{ $key }} = "{{ $value }}" -{{- end }} -{{- end }} -` - - systemReservedTemplate = `{{ define "systemReservedSettings" -}} -[settings.kubernetes.system-reserved] -{{- range $key, $value := .SystemReserved }} -{{ $key }} = "{{ $value }}" -{{- end -}} -{{- end -}} -` - hostContainerTemplate = `{{define "hostContainerSettings" -}} [settings.host-containers.{{.Name}}] enabled = true @@ -174,15 +41,6 @@ user-data = "{{.UserData}}" {{template "bootstrapContainerSettings" $bContainer }} {{- end -}} {{- end -}} -` - networkInitTemplate = `{{ define "networkInitSettings" -}} -[settings.network] -hostname = "{{.Hostname}}" -{{- if (ne .HTTPSProxyEndpoint "")}} -https-proxy = "{{.HTTPSProxyEndpoint}}" -no-proxy = [{{stringsJoin .NoProxyEndpoints "," }}] -{{- end -}} -{{- end -}} ` registryMirrorTemplate = `{{ define "registryMirrorSettings" -}} {{- range $orig, $mirror := .RegistryMirrorMap }} @@ -234,20 +92,6 @@ time-servers = [{{stringsJoin .NTPServers ", " }}] {{- end -}} ` - sysctlSettingsTemplate = `{{ define "sysctlSettingsTemplate" -}} -[settings.kernel.sysctl] -{{.SysctlSettings}} -{{- end -}} -` - - bootSettingsTemplate = `{{ define "bootSettings" -}} -[settings.boot] -reboot-to-reconcile = true - -[settings.boot.kernel-parameters] -{{.BootKernel}} -{{- end -}} -` certsTemplate = `{{ define "certsSettings" -}} [settings.pki.{{.Name}}] data = "{{.Data}}" @@ -263,30 +107,6 @@ trusted = true bottlerocketNodeInitSettingsTemplate = `{{template "hostContainerSlice" .}} -{{template "kubernetesInitSettings" .}} - -{{- if .EvictionHard}} -{{template "evictionHardSettings" .}} -{{- end}} - -{{- if .EvictionSoft}} -{{template "evictionSoftSettings" .}} -{{- end}} - -{{- if .EvictionSoftGracePeriod}} -{{template "evictionSoftGracePeriodSettings" .}} -{{- end}} - -{{- if .KubeReserved}} -{{template "kubeReservedSettings" .}} -{{- end}} - -{{- if .SystemReserved}} -{{template "systemReservedSettings" .}} -{{- end}} - -{{template "networkInitSettings" .}} - {{- if .BootstrapContainers}} {{template "bootstrapContainerSlice" .}} {{- end -}} @@ -315,14 +135,6 @@ trusted = true {{template "ntpSettings" .}} {{- end -}} -{{- if (ne .SysctlSettings "")}} -{{template "sysctlSettingsTemplate" .}} -{{- end -}} - -{{- if .BootKernel}} -{{template "bootSettings" .}} -{{- end -}} - {{- if .CertBundles}} {{template "certBundlesSlice" .}} {{- end -}} diff --git a/bootstrap/kubeadm/internal/bottlerocket/bootstrap_test.go b/bootstrap/kubeadm/internal/bottlerocket/bootstrap_test.go index 3c2007bb71b6..28832b0d1a9c 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bootstrap_test.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bootstrap_test.go @@ -13,7 +13,17 @@ import ( ) const ( - minimalUserData = ` + minimalUserData = `[settings] + [settings.kubernetes] + authentication-mode = "tls" + cluster-domain = "cluster.local" + pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" + provider-id = "PROVIDERID" + server-tls-bootstrap = false + standalone-mode = true + [settings.network] + hostname = "hostname" + [settings.host-containers.admin] enabled = true superpowered = true @@ -23,20 +33,19 @@ user-data = "CnsKCSJzc2giOiB7CgkJImF1dGhvcml6ZWQta2V5cyI6IFsic3NoLXJzYSBBQUEuLi4 enabled = true superpowered = true source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" -user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" - -[settings.kubernetes] -cluster-domain = "cluster.local" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" +user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ=="` + + nodeLabelslUserData = `[settings] + [settings.kubernetes] + authentication-mode = "tls" + cluster-domain = "cluster.local" + pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" + provider-id = "PROVIDERID" + server-tls-bootstrap = false + standalone-mode = true + [settings.network] + hostname = "hostname" -[settings.network] -hostname = "hostname"` - - nodeLabelslUserData = ` [settings.host-containers.admin] enabled = true superpowered = true @@ -47,24 +56,23 @@ enabled = true superpowered = true source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" - -[settings.kubernetes] -cluster-domain = "cluster.local" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" - -[settings.network] -hostname = "hostname" [settings.kubernetes.node-labels] "KEY1" = "VAL1" "KEY2" = "VAL2" "KEY3" = "VAL3" ` - taintsUserData = ` + taintsUserData = `[settings] + [settings.kubernetes] + authentication-mode = "tls" + cluster-domain = "cluster.local" + pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" + provider-id = "PROVIDERID" + server-tls-bootstrap = false + standalone-mode = true + [settings.network] + hostname = "hostname" + [settings.host-containers.admin] enabled = true superpowered = true @@ -75,22 +83,23 @@ enabled = true superpowered = true source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" - -[settings.kubernetes] -cluster-domain = "cluster.local" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" - -[settings.network] -hostname = "hostname" [settings.kubernetes.node-taints] "KEY1" = ["VAL1:NoSchedule"] ` - proxyUserData = ` + proxyUserData = `[settings] + [settings.kubernetes] + authentication-mode = "tls" + cluster-domain = "cluster.local" + pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" + provider-id = "PROVIDERID" + server-tls-bootstrap = false + standalone-mode = true + [settings.network] + hostname = "hostname" + https-proxy = "HTTPS_PROXY" + no-proxy = ["no_proxy1", "no_proxy2", "no_proxy3"] + [settings.host-containers.admin] enabled = true superpowered = true @@ -100,22 +109,19 @@ user-data = "CnsKCSJzc2giOiB7CgkJImF1dGhvcml6ZWQta2V5cyI6IFsic3NoLXJzYSBBQUEuLi4 enabled = true superpowered = true source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" -user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" - -[settings.kubernetes] -cluster-domain = "cluster.local" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" +user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ=="` + + registryMirrorUserData = `[settings] + [settings.kubernetes] + authentication-mode = "tls" + cluster-domain = "cluster.local" + pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" + provider-id = "PROVIDERID" + server-tls-bootstrap = false + standalone-mode = true + [settings.network] + hostname = "hostname" -[settings.network] -hostname = "hostname" -https-proxy = "HTTPS_PROXY" -no-proxy = ["no_proxy1","no_proxy2","no_proxy3"]` - - registryMirrorUserData = ` [settings.host-containers.admin] enabled = true superpowered = true @@ -127,17 +133,6 @@ superpowered = true source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" -[settings.kubernetes] -cluster-domain = "cluster.local" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" - -[settings.network] -hostname = "hostname" - [[settings.container-registry.mirrors]] registry = "public.ecr.aws" endpoint = ["REGISTRY_ENDPOINT"] @@ -145,7 +140,17 @@ endpoint = ["REGISTRY_ENDPOINT"] data = "UkVHSVNUUllfQ0E=" trusted=true` - registryMirrorAndAuthUserData = ` + registryMirrorAndAuthUserData = `[settings] + [settings.kubernetes] + authentication-mode = "tls" + cluster-domain = "cluster.local" + pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" + provider-id = "PROVIDERID" + server-tls-bootstrap = false + standalone-mode = true + [settings.network] + hostname = "hostname" + [settings.host-containers.admin] enabled = true superpowered = true @@ -157,17 +162,6 @@ superpowered = true source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" -[settings.kubernetes] -cluster-domain = "cluster.local" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" - -[settings.network] -hostname = "hostname" - [[settings.container-registry.mirrors]] registry = "public.ecr.aws" endpoint = ["REGISTRY_ENDPOINT"] @@ -184,7 +178,17 @@ registry = "REGISTRY_ENDPOINT" username = "admin" password = "pass"` - ntpUserData = ` + ntpUserData = `[settings] + [settings.kubernetes] + authentication-mode = "tls" + cluster-domain = "cluster.local" + pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" + provider-id = "PROVIDERID" + server-tls-bootstrap = false + standalone-mode = true + [settings.network] + hostname = "hostname" + [settings.host-containers.admin] enabled = true superpowered = true @@ -195,47 +199,20 @@ enabled = true superpowered = true source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" - -[settings.kubernetes] -cluster-domain = "cluster.local" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" - -[settings.network] -hostname = "hostname" [settings.ntp] time-servers = ["1.2.3.4", "time-a.capi.com", "time-b.capi.com"]` - kubernetesSettingsUserData = ` -[settings.host-containers.admin] -enabled = true -superpowered = true -source = "ADMIN_REPO:ADMIN_TAG" -user-data = "CnsKCSJzc2giOiB7CgkJImF1dGhvcml6ZWQta2V5cyI6IFsic3NoLXJzYSBBQUEuLi4iXQoJfQp9" -[settings.host-containers.kubeadm-bootstrap] -enabled = true -superpowered = true -source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" -user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" + customBootstrapUserData = `[settings] + [settings.kubernetes] + authentication-mode = "tls" + cluster-domain = "cluster.local" + pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" + provider-id = "PROVIDERID" + server-tls-bootstrap = false + standalone-mode = true + [settings.network] + hostname = "hostname" -[settings.kubernetes] -cluster-domain = "cluster.local" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" -allowed-unsafe-sysctls = ["net.core.somaxconn", "net.ipv4.ip_local_port_range"] -cluster-dns-ip = ["1.2.3.4", "4.3.2.1"] -max-pods = 100 - -[settings.network] -hostname = "hostname"` - - customBootstrapUserData = ` [settings.host-containers.admin] enabled = true superpowered = true @@ -245,24 +222,27 @@ enabled = true superpowered = true user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" -[settings.kubernetes] -cluster-domain = "cluster.local" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" - -[settings.network] -hostname = "hostname" - [settings.bootstrap-containers.BOOTSTRAP] essential = false mode = "MODE" source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" user-data = "BOOTSTRAP_B6_4USERDATA"` - kernelSettingsUserData = ` + kernelSettingsUserData = `[settings] + [settings.kubernetes] + authentication-mode = "tls" + cluster-domain = "cluster.local" + pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" + provider-id = "PROVIDERID" + server-tls-bootstrap = false + standalone-mode = true + [settings.kernel] + [settings.kernel.sysctl] + abc = "def" + foo = "bar" + [settings.network] + hostname = "hostname" + [settings.host-containers.admin] enabled = true superpowered = true @@ -272,24 +252,24 @@ user-data = "CnsKCSJzc2giOiB7CgkJImF1dGhvcml6ZWQta2V5cyI6IFsic3NoLXJzYSBBQUEuLi4 enabled = true superpowered = true source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" -user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" +user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ=="` + + BootSettingsUserData = `[settings] + [settings.kubernetes] + authentication-mode = "tls" + cluster-domain = "cluster.local" + pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" + provider-id = "PROVIDERID" + server-tls-bootstrap = false + standalone-mode = true + [settings.boot] + reboot-to-reconcile = true + [settings.boot.kernel-parameters] + abc = ["def", "123"] + foo = ["bar"] + [settings.network] + hostname = "hostname" -[settings.kubernetes] -cluster-domain = "cluster.local" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" - -[settings.network] -hostname = "hostname" -[settings.kernel.sysctl] -"foo" = "bar" -"abc" = "def" -` - - BootSettingsUserData = ` [settings.host-containers.admin] enabled = true superpowered = true @@ -299,27 +279,19 @@ user-data = "CnsKCSJzc2giOiB7CgkJImF1dGhvcml6ZWQta2V5cyI6IFsic3NoLXJzYSBBQUEuLi4 enabled = true superpowered = true source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" -user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" +user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ=="` + + userDataWithCertBundle = `[settings] + [settings.kubernetes] + authentication-mode = "tls" + cluster-domain = "cluster.local" + pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" + provider-id = "PROVIDERID" + server-tls-bootstrap = false + standalone-mode = true + [settings.network] + hostname = "hostname" -[settings.kubernetes] -cluster-domain = "cluster.local" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" - -[settings.network] -hostname = "hostname" -[settings.boot] -reboot-to-reconcile = true - -[settings.boot.kernel-parameters] -"abc" = ["def","123"] -"foo" = ["bar"] -` - - userDataWithCertBundle = ` [settings.host-containers.admin] enabled = true superpowered = true @@ -331,17 +303,6 @@ superpowered = true source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" -[settings.kubernetes] -cluster-domain = "cluster.local" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" - -[settings.network] -hostname = "hostname" - [settings.pki.bundle1] data = "QUJDREVG" trusted = true @@ -349,7 +310,17 @@ trusted = true data = "MTIzNDU2" trusted = true` - registryMirrorMultipleMirrorsUserData = ` + registryMirrorMultipleMirrorsUserData = `[settings] + [settings.kubernetes] + authentication-mode = "tls" + cluster-domain = "cluster.local" + pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" + provider-id = "PROVIDERID" + server-tls-bootstrap = false + standalone-mode = true + [settings.network] + hostname = "hostname" + [settings.host-containers.admin] enabled = true superpowered = true @@ -361,17 +332,6 @@ superpowered = true source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" -[settings.kubernetes] -cluster-domain = "cluster.local" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" - -[settings.network] -hostname = "hostname" - [[settings.container-registry.mirrors]] registry = "docker.io" endpoint = ["REGISTRY_ENDPOINT"] @@ -382,7 +342,53 @@ endpoint = ["REGISTRY_ENDPOINT"] data = "UkVHSVNUUllfQ0E=" trusted=true` - kubernetesSettingsUserDataCPU = ` + kubernetesSettingsUserDataCPU = `[settings] + [settings.kubernetes] + allowed-unsafe-sysctls = ["net.core.somaxconn", "net.ipv4.ip_local_port_range"] + authentication-mode = "tls" + cluster-dns-ip = ["1.2.3.4", "4.3.2.1"] + cluster-domain = "cluster.local2" + container-log-max-files = 50 + container-log-max-size = "5Mi" + cpu-cfs-quota-enforced = false + cpu-manager-policy = "static" + cpu-manager-policy-options = ["full-pcpus-only"] + cpu-manager-reconcile-period = "10s" + event-burst = 50 + event-qps = 50 + eviction-max-pod-grace-period = 50 + image-gc-high-threshold-percent = 50 + image-gc-low-threshold-percent = 50 + kube-api-burst = 50 + kube-api-qps = 50 + max-pods = 50 + memory-manager-policy = "Static" + pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" + pod-pids-limit = 50 + provider-id = "PROVIDERID" + registry-burst = 50 + registry-qps = 50 + server-tls-bootstrap = false + shutdown-grace-period = "15s" + shutdown-grace-period-for-critical-pods = "20s" + standalone-mode = true + topology-manager-policy = "restricted" + topology-manager-scope = "pod" + [settings.kubernetes.eviction-hard] + "memory.available" = "15%" + [settings.kubernetes.eviction-soft] + "memory.available" = "12%" + [settings.kubernetes.eviction-soft-grace-period] + "memory.available" = "30s" + [settings.kubernetes.kube-reserved] + cpu = "20m" + [settings.kubernetes.system-reserved] + cpu = "10m" + ephemeral-storage = "1Gi" + memory = "100Mi" + [settings.network] + hostname = "hostname" + [settings.host-containers.admin] enabled = true superpowered = true @@ -392,50 +398,7 @@ user-data = "CnsKCSJzc2giOiB7CgkJImF1dGhvcml6ZWQta2V5cyI6IFsic3NoLXJzYSBBQUEuLi4 enabled = true superpowered = true source = "BOOTSTRAP_REPO:BOOTSTRAP_TAG" -user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ==" - -[settings.kubernetes] -cluster-domain = "cluster.local2" -standalone-mode = true -authentication-mode = "tls" -server-tls-bootstrap = false -pod-infra-container-image = "PAUSE_REPO:PAUSE_TAG" -provider-id = "PROVIDERID" -cpu-cfs-quota-enforced = false -container-log-max-files = 10 -container-log-max-size = "5Mi" -cpu-manager-policy = "static" -cpu-manager-policy-options = ["full-pcpus-only"] -cpu-manager-reconcile-period = 10s -event-burst = 200 -event-qps = 100 -eviction-max-pod-grace-period = 10 -image-gc-high-threshold-percent = 26 -image-gc-low-threshold-percent = 19 -kube-api-burst = 80 -memory-manager-policy = "Static" -pod-pids-limit = 10 -registry-burst = 11 -registry-qps = 1 -shutdown-grace-period = 15s -shutdown-grace-period-for-critical-pods = 20s -topology-manager-policy = "restricted" -topology-manager-scope = "pod" -[settings.kubernetes.eviction-hard] -"memory.available" = "15%" -[settings.kubernetes.eviction-soft] -"memory.available" = "12%" -[settings.kubernetes.eviction-soft-grace-period] -"memory.available" = "30s" -[settings.kubernetes.kube-reserved] -cpu = "20m" -[settings.kubernetes.system-reserved] -cpu = "10m" -ephemeral-storage = "1Gi" -memory = "100Mi" - -[settings.network] -hostname = "hostname"` +user-data = "Qk9UVExFUk9DS0VUX0JPT1RTVFJBUF9VU0VSREFUQQ=="` ) var ( @@ -484,6 +447,8 @@ func TestGetBottlerocketNodeUserData(t *testing.T) { g := NewWithT(t) hostname := "hostname" brBootstrapUserdata := []byte("BOTTLEROCKET_BOOTSTRAP_USERDATA") + count := 50 + count64 := int64(50) testcases := []struct { name string @@ -610,32 +575,6 @@ func TestGetBottlerocketNodeUserData(t *testing.T) { }, output: ntpUserData, }, - { - name: "with kubernetes settings", - config: &BottlerocketConfig{ - BottlerocketAdmin: brAdmin, - BottlerocketBootstrap: brBootstrap, - Hostname: hostname, - Pause: pause, - KubeletExtraArgs: map[string]string{ - "provider-id": "PROVIDERID", - }, - BottlerocketSettings: &bootstrapv1.BottlerocketSettings{ - Kubernetes: &bootstrapv1.BottlerocketKubernetesSettings{ - MaxPods: 100, - ClusterDNSIPs: []string{ - "1.2.3.4", - "4.3.2.1", - }, - AllowedUnsafeSysctls: []string{ - "net.core.somaxconn", - "net.ipv4.ip_local_port_range", - }, - }, - }, - }, - output: kubernetesSettingsUserData, - }, { name: "with custom bootstrap containers", config: &BottlerocketConfig{ @@ -745,7 +684,7 @@ func TestGetBottlerocketNodeUserData(t *testing.T) { output: registryMirrorMultipleMirrorsUserData, }, { - name: "with cpu manager policy options", + name: "with kubernetes settings", config: &BottlerocketConfig{ BottlerocketAdmin: brAdmin, BottlerocketBootstrap: brBootstrap, @@ -756,8 +695,12 @@ func TestGetBottlerocketNodeUserData(t *testing.T) { }, BottlerocketSettings: &bootstrapv1.BottlerocketSettings{ Kubernetes: &bootstrapv1.BottlerocketKubernetesSettings{ + AllowedUnsafeSysctls: []string{ + "net.core.somaxconn", "net.ipv4.ip_local_port_range", + }, + ClusterDNSIPs: []string{"1.2.3.4", "4.3.2.1"}, ClusterDomain: "cluster.local2", - ContainerLogMaxFiles: 10, + ContainerLogMaxFiles: &count, ContainerLogMaxSize: "5Mi", CPUCFSQuota: pointer.Bool(false), CPUManagerPolicy: "static", @@ -767,28 +710,30 @@ func TestGetBottlerocketNodeUserData(t *testing.T) { CPUManagerReconcilePeriod: &v1.Duration{ Duration: 10 * time.Second, }, - EventBurst: 200, - EventRecordQPS: 100, + EventBurst: &count, + EventRecordQPS: &count, EvictionHard: map[string]string{ "memory.available": "15%", }, - EvictionMaxPodGracePeriod: 10, + EvictionMaxPodGracePeriod: &count, EvictionSoft: map[string]string{ "memory.available": "12%", }, EvictionSoftGracePeriod: map[string]string{ "memory.available": "30s", }, - ImageGCHighThresholdPercent: 26, - ImageGCLowThresholdPercent: 19, - KubeAPIBurst: 80, + ImageGCHighThresholdPercent: &count, + ImageGCLowThresholdPercent: &count, + KubeAPIBurst: &count, + KubeAPIQPS: &count, KubeReserved: map[string]string{ "cpu": "20m", }, + MaxPods: &count, MemoryManagerPolicy: "Static", - PodPidsLimit: 10, - RegistryBurst: 11, - RegistryPullQPS: 1, + PodPidsLimit: &count64, + RegistryBurst: &count, + RegistryPullQPS: &count, ShutdownGracePeriod: &v1.Duration{ Duration: 15 * time.Second, }, @@ -811,7 +756,6 @@ func TestGetBottlerocketNodeUserData(t *testing.T) { for _, testcase := range testcases { t.Run(testcase.name, func(t *testing.T) { b, err := getBottlerocketNodeUserData(brBootstrapUserdata, users, testcase.config) - g.Expect(err).NotTo(HaveOccurred()) g.Expect(string(b)).To(Equal(testcase.output)) }) diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go index ceab3c5e55ac..ae34b6126890 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go @@ -9,6 +9,7 @@ import ( "strings" "text/template" + "github.com/BurntSushi/toml" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" "sigs.k8s.io/yaml" @@ -44,54 +45,95 @@ type BottlerocketConfig struct { // SettingsInput is the input for the Bottlerocket settings template. type SettingsInput struct { - PauseContainerSource string - HTTPSProxyEndpoint string - NoProxyEndpoints []string - RegistryMirrorEndpoint string - RegistryMirrorCACert string - RegistryMirrorUsername string - RegistryMirrorPassword string - NodeLabels string - NTPServers []string - Taints string - ProviderID string - Hostname string - AllowedUnsafeSysctls []string - ClusterDNSIPs []string - MaxPods int - BootKernel string - HostContainers []bootstrapv1.BottlerocketHostContainer - BootstrapContainers []bootstrapv1.BottlerocketBootstrapContainer - SysctlSettings string - CertBundles []bootstrapv1.CertBundle - RegistryMirrorMap map[string][]string - ClusterDomain string - ContainerLogMaxFiles int - ContainerLogMaxSize string - CPUCFSQuota *bool - CPUManagerPolicy string - CPUManagerPolicyOptions map[string]string - CPUManagerReconcilePeriod string - EventBurst int - EventRecordQPS int - EvictionHard map[string]string - EvictionMaxPodGracePeriod int - EvictionSoft map[string]string - EvictionSoftGracePeriod map[string]string - ImageGCHighThresholdPercent int - ImageGCLowThresholdPercent int - KubeAPIBurst int - KubeAPIQPS int - KubeReserved map[string]string - MemoryManagerPolicy string - PodPidsLimit int64 - RegistryBurst int - RegistryPullQPS int - ShutdownGracePeriod string - ShutdownGracePeriodCriticalPods string - SystemReserved map[string]string - TopologyManagerPolicy string - TopologyManagerScope string + NetworkSettings NetworkSettings `toml:"network,omitempty"` + Kubernetes KubernetesSettings `toml:"kubernetes,omitempty"` + Kernel BottlerocketKernelSettings `toml:"kernel,omitempty"` + Boot BottlerocketBootSettings `toml:"boot,omitempty"` + + PauseContainerSource string + RegistryMirrorEndpoint string + RegistryMirrorCACert string + RegistryMirrorUsername string + RegistryMirrorPassword string + NodeLabels string + NTPServers []string + Taints string + HostContainers []bootstrapv1.BottlerocketHostContainer + BootstrapContainers []bootstrapv1.BottlerocketBootstrapContainer + CertBundles []bootstrapv1.CertBundle + RegistryMirrorMap map[string][]string +} + +// InitSettingsInput is the high level settings struct for the toml we are generating. +type InitSettingsInput struct { + InitSettings *InitSettings `toml:"settings,omitempty"` +} + +// InitSettings has all the other settings defined in the structure that Bottlerocket +// expects settings toml to be in. +type InitSettings struct { + Kubernetes *KubernetesSettings `toml:"kubernetes,omitempty"` + Kernel *BottlerocketKernelSettings `toml:"kernel,omitempty"` + Boot *BottlerocketBootSettings `toml:"boot,omitempty"` + NetworkSettings *NetworkSettings `toml:"network,omitempty"` +} + +// NetworkSettings exposes and sets the settings for Network field under Settings. +type NetworkSettings struct { + Hostname string `toml:"hostname,omitempty"` + HTTPSProxyEndpoint string `toml:"https-proxy,omitempty"` + NoProxyEndpoints []string `toml:"no-proxy,omitempty"` +} + +// BottlerocketKernelSettings exposes and sets the settings for Kernel field under Settings. +type BottlerocketKernelSettings struct { + SysctlSettings map[string]string `toml:"sysctl,omitempty"` +} + +// BottlerocketBootSettings exposes and sets the settings for Boot field under Settings. +type BottlerocketBootSettings struct { + RebootToReconcile bool `toml:"reboot-to-reconcile,omitempty"` + BootKernel map[string][]string `toml:"kernel-parameters,omitempty"` +} + +// KubernetesSettings exposes and sets the settings for Kubernetes field under Settings. +type KubernetesSettings struct { + AllowedUnsafeSysctls []string `toml:"allowed-unsafe-sysctls,omitempty"` + AuthenticationMode string `toml:"authentication-mode,omitempty"` + ClusterDNSIPs []string `toml:"cluster-dns-ip,omitempty"` + ClusterDomain string `toml:"cluster-domain,omitempty"` + ContainerLogMaxFiles *int `toml:"container-log-max-files,omitempty"` + ContainerLogMaxSize string `toml:"container-log-max-size,omitempty"` + CPUCFSQuota *bool `toml:"cpu-cfs-quota-enforced,omitempty"` + CPUManagerPolicy string `toml:"cpu-manager-policy,omitempty"` + CPUManagerPolicyOptions []string `toml:"cpu-manager-policy-options,omitempty"` + CPUManagerReconcilePeriod string `toml:"cpu-manager-reconcile-period,omitempty"` + EventBurst *int `toml:"event-burst,omitempty"` + EventRecordQPS *int `toml:"event-qps,omitempty"` + EvictionMaxPodGracePeriod *int `toml:"eviction-max-pod-grace-period,omitempty"` + ImageGCHighThresholdPercent *int `toml:"image-gc-high-threshold-percent,omitempty"` + ImageGCLowThresholdPercent *int `toml:"image-gc-low-threshold-percent,omitempty"` + KubeAPIBurst *int `toml:"kube-api-burst,omitempty"` + KubeAPIQPS *int `toml:"kube-api-qps,omitempty"` + MaxPods *int `toml:"max-pods,omitempty"` + MemoryManagerPolicy string `toml:"memory-manager-policy,omitempty"` + PodInfraContainerImage string `toml:"pod-infra-container-image"` + PodPidsLimit *int64 `toml:"pod-pids-limit,omitempty"` + ProviderID string `toml:"provider-id,omitempty"` + RegistryBurst *int `toml:"registry-burst,omitempty"` + RegistryPullQPS *int `toml:"registry-qps,omitempty"` + ServerTLSBootstrap bool `toml:"server-tls-bootstrap"` + ShutdownGracePeriod string `toml:"shutdown-grace-period,omitempty"` + ShutdownGracePeriodCriticalPods string `toml:"shutdown-grace-period-for-critical-pods,omitempty"` + StandaloneMode bool `toml:"standalone-mode,omitempty"` + TopologyManagerPolicy string `toml:"topology-manager-policy,omitempty"` + TopologyManagerScope string `toml:"topology-manager-scope,omitempty"` + + EvictionHard map[string]string `toml:"eviction-hard,omitempty"` + EvictionSoft map[string]string `toml:"eviction-soft,omitempty"` + EvictionSoftGracePeriod map[string]string `toml:"eviction-soft-grace-period,omitempty"` + KubeReserved map[string]string `toml:"kube-reserved,omitempty"` + SystemReserved map[string]string `toml:"system-reserved,omitempty"` } // HostPath holds the path and type of a host path volume. @@ -165,27 +207,6 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er if _, err := tm.Parse(bootstrapContainerSliceTemplate); err != nil { return nil, errors.Wrapf(err, "failed to parse bootstrapContainerSettingsSlice %s template", kind) } - if _, err := tm.Parse(kubernetesInitTemplate); err != nil { - return nil, errors.Wrapf(err, "failed to parse kubernetes %s template", kind) - } - if _, err := tm.Parse(evictionHardTemplate); err != nil { - return nil, errors.Wrapf(err, "failed to parse evictionHardSettings %s template", kind) - } - if _, err := tm.Parse(evictionSoftTemplate); err != nil { - return nil, errors.Wrapf(err, "failed to parse evictionSoftSettings %s template", kind) - } - if _, err := tm.Parse(evictionSoftGracePeriodTemplate); err != nil { - return nil, errors.Wrapf(err, "failed to parse evictionSoftGracePeriodSettings %s template", kind) - } - if _, err := tm.Parse(kubeReservedTemplate); err != nil { - return nil, errors.Wrapf(err, "failed to parse kubeReservedSettings %s template", kind) - } - if _, err := tm.Parse(systemReservedTemplate); err != nil { - return nil, errors.Wrapf(err, "failed to parse systemReservedSettings %s template", kind) - } - if _, err := tm.Parse(networkInitTemplate); err != nil { - return nil, errors.Wrapf(err, "failed to parse networks %s template", kind) - } if _, err := tm.Parse(registryMirrorTemplate); err != nil { return nil, errors.Wrapf(err, "failed to parse registry mirror %s template", kind) } @@ -204,12 +225,6 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er if _, err := tm.Parse(ntpTemplate); err != nil { return nil, errors.Wrapf(err, "failed to parse NTP %s template", kind) } - if _, err := tm.Parse(sysctlSettingsTemplate); err != nil { - return nil, errors.Wrapf(err, "failed to parse sysctl settings %s template", kind) - } - if _, err := tm.Parse(bootSettingsTemplate); err != nil { - return nil, errors.Wrapf(err, "failed to parse boot settings %s template", kind) - } if _, err := tm.Parse(certsTemplate); err != nil { return nil, errors.Wrapf(err, "failed to parse certs %s template", kind) } @@ -272,21 +287,12 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot bottlerocketInput := &SettingsInput{ PauseContainerSource: fmt.Sprintf("%s:%s", config.Pause.ImageRepository, config.Pause.ImageTag), - HTTPSProxyEndpoint: config.ProxyConfiguration.HTTPSProxy, NodeLabels: parseNodeLabels(config.KubeletExtraArgs["node-labels"]), // empty string if it does not exist Taints: parseTaints(config.Taints), // empty string if it does not exist - ProviderID: config.KubeletExtraArgs["provider-id"], - Hostname: config.Hostname, HostContainers: hostContainers, BootstrapContainers: config.BottlerocketCustomBootstrapContainers, } - if len(config.ProxyConfiguration.NoProxy) > 0 { - for _, noProxy := range config.ProxyConfiguration.NoProxy { - bottlerocketInput.NoProxyEndpoints = append(bottlerocketInput.NoProxyEndpoints, strconv.Quote(noProxy)) - } - } - // When RegistryMirrorConfiguration.Endpoint is specified, we default the mirror to public.ecr.aws. // This was done for backward compatability, since public.ecr.aws was the only supported registry before. // For existing customers this ensures that their nodes dont rollout, unless more mirrors are specified explicitly. @@ -323,69 +329,158 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot bottlerocketInput.NTPServers = append(bottlerocketInput.NTPServers, strconv.Quote(ntp)) } } + + if config.CertBundle != nil { + for _, cert := range config.CertBundle { + cert.Data = base64.StdEncoding.EncodeToString([]byte(cert.Data)) + bottlerocketInput.CertBundles = append(bottlerocketInput.CertBundles, cert) + } + } + + nodeUserData, err := generateNodeUserData("InitBottlerocketNode", bottlerocketNodeInitSettingsTemplate, bottlerocketInput) + if err != nil { + return nil, err + } + + settings := InitSettingsInput{} + initSettings := &InitSettings{} + + nwSettings, err := getNetworkSettings(config) + if err != nil { + return nil, err + } + initSettings.NetworkSettings = nwSettings + + kubernetesSettings, err := getKubernetesSettings(config, bottlerocketInput) + if err != nil { + return nil, err + } + initSettings.Kubernetes = kubernetesSettings + + if config.BottlerocketSettings != nil { + kernelSettings := getKernelSettings(config) + if kernelSettings != nil { + initSettings.Kernel = kernelSettings + } + + bootSettings := getBootSettings(config) + if bootSettings != nil { + initSettings.Boot = bootSettings + } + } + + settings.InitSettings = initSettings + + settingsTOML, err := toml.Marshal(settings) + if err != nil { + return nil, errors.Wrapf(err, "failed to marshal toml data for %v", settings) + } + + settingsTOML = append(settingsTOML, nodeUserData...) + + return settingsTOML, nil +} + +func getKernelSettings(config *BottlerocketConfig) *BottlerocketKernelSettings { + if config.BottlerocketSettings.Kernel == nil { + return nil + } + + bottlerocketKernelSettings := &BottlerocketKernelSettings{} + bottlerocketKernelSettings.SysctlSettings = config.BottlerocketSettings.Kernel.SysctlSettings + + return bottlerocketKernelSettings +} + +func getBootSettings(config *BottlerocketConfig) *BottlerocketBootSettings { + if config.BottlerocketSettings.Boot == nil { + return nil + } + bottlerocketBootSettings := &BottlerocketBootSettings{} + if config.BottlerocketSettings.Boot != nil { + bottlerocketBootSettings.RebootToReconcile = true + bottlerocketBootSettings.BootKernel = config.BottlerocketSettings.Boot.BootKernelParameters + } + + return bottlerocketBootSettings +} + +func getNetworkSettings(config *BottlerocketConfig) (*NetworkSettings, error) { + networkSettings := &NetworkSettings{ + Hostname: config.Hostname, + HTTPSProxyEndpoint: config.ProxyConfiguration.HTTPSProxy, + } + if len(config.ProxyConfiguration.NoProxy) > 0 { + networkSettings.NoProxyEndpoints = append(networkSettings.NoProxyEndpoints, config.ProxyConfiguration.NoProxy...) + } + + return networkSettings, nil +} + +func getKubernetesSettings(config *BottlerocketConfig, settingsInput *SettingsInput) (*KubernetesSettings, error) { + kubernetesSettings := &KubernetesSettings{} + kubernetesSettings.AuthenticationMode = "tls" + kubernetesSettings.ClusterDomain = "cluster.local" + kubernetesSettings.PodInfraContainerImage = settingsInput.PauseContainerSource + kubernetesSettings.ProviderID = config.KubeletExtraArgs["provider-id"] + kubernetesSettings.ServerTLSBootstrap = false + kubernetesSettings.StandaloneMode = true + if config.BottlerocketSettings != nil { if config.BottlerocketSettings.Kubernetes != nil { - for _, sysctl := range config.BottlerocketSettings.Kubernetes.AllowedUnsafeSysctls { - bottlerocketInput.AllowedUnsafeSysctls = append(bottlerocketInput.AllowedUnsafeSysctls, strconv.Quote(sysctl)) + kubernetesSettings.AllowedUnsafeSysctls = append(kubernetesSettings.AllowedUnsafeSysctls, config.BottlerocketSettings.Kubernetes.AllowedUnsafeSysctls...) + kubernetesSettings.ClusterDNSIPs = append(kubernetesSettings.ClusterDNSIPs, config.BottlerocketSettings.Kubernetes.ClusterDNSIPs...) + if config.BottlerocketSettings.Kubernetes.ClusterDomain != "" { + kubernetesSettings.ClusterDomain = config.BottlerocketSettings.Kubernetes.ClusterDomain } - for _, ip := range config.BottlerocketSettings.Kubernetes.ClusterDNSIPs { - bottlerocketInput.ClusterDNSIPs = append(bottlerocketInput.ClusterDNSIPs, strconv.Quote(ip)) - } - bottlerocketInput.ClusterDomain = config.BottlerocketSettings.Kubernetes.ClusterDomain - bottlerocketInput.ContainerLogMaxFiles = config.BottlerocketSettings.Kubernetes.ContainerLogMaxFiles - bottlerocketInput.ContainerLogMaxSize = config.BottlerocketSettings.Kubernetes.ContainerLogMaxSize + kubernetesSettings.ContainerLogMaxFiles = config.BottlerocketSettings.Kubernetes.ContainerLogMaxFiles + kubernetesSettings.ContainerLogMaxSize = config.BottlerocketSettings.Kubernetes.ContainerLogMaxSize if config.BottlerocketSettings.Kubernetes.CPUCFSQuota != nil { - bottlerocketInput.CPUCFSQuota = config.BottlerocketSettings.Kubernetes.CPUCFSQuota + kubernetesSettings.CPUCFSQuota = config.BottlerocketSettings.Kubernetes.CPUCFSQuota + } + kubernetesSettings.CPUManagerPolicy = config.BottlerocketSettings.Kubernetes.CPUManagerPolicy + cpuManagerOptions := config.BottlerocketSettings.Kubernetes.CPUManagerPolicyOptions + if cpuManagerOptions != nil { + kubernetesSettings.CPUManagerPolicyOptions = []string{} + for key, val := range cpuManagerOptions { + if val == "true" { + kubernetesSettings.CPUManagerPolicyOptions = append(kubernetesSettings.CPUManagerPolicyOptions, key) + } + } } - bottlerocketInput.CPUManagerPolicy = config.BottlerocketSettings.Kubernetes.CPUManagerPolicy - bottlerocketInput.CPUManagerPolicyOptions = config.BottlerocketSettings.Kubernetes.CPUManagerPolicyOptions if config.BottlerocketSettings.Kubernetes.CPUManagerReconcilePeriod != nil { - bottlerocketInput.CPUManagerReconcilePeriod = config.BottlerocketSettings.Kubernetes.CPUManagerReconcilePeriod.Duration.String() + kubernetesSettings.CPUManagerReconcilePeriod = config.BottlerocketSettings.Kubernetes.CPUManagerReconcilePeriod.Duration.String() } - bottlerocketInput.EventBurst = config.BottlerocketSettings.Kubernetes.EventBurst - bottlerocketInput.EventRecordQPS = config.BottlerocketSettings.Kubernetes.EventRecordQPS - bottlerocketInput.EvictionHard = config.BottlerocketSettings.Kubernetes.EvictionHard - bottlerocketInput.EvictionMaxPodGracePeriod = config.BottlerocketSettings.Kubernetes.EvictionMaxPodGracePeriod - bottlerocketInput.EvictionSoft = config.BottlerocketSettings.Kubernetes.EvictionSoft - bottlerocketInput.EvictionSoftGracePeriod = config.BottlerocketSettings.Kubernetes.EvictionSoftGracePeriod - bottlerocketInput.ImageGCHighThresholdPercent = config.BottlerocketSettings.Kubernetes.ImageGCHighThresholdPercent - bottlerocketInput.ImageGCLowThresholdPercent = config.BottlerocketSettings.Kubernetes.ImageGCLowThresholdPercent - bottlerocketInput.KubeAPIBurst = config.BottlerocketSettings.Kubernetes.KubeAPIBurst - bottlerocketInput.KubeAPIQPS = config.BottlerocketSettings.Kubernetes.KubeAPIQPS - bottlerocketInput.KubeReserved = config.BottlerocketSettings.Kubernetes.KubeReserved - bottlerocketInput.MaxPods = config.BottlerocketSettings.Kubernetes.MaxPods - bottlerocketInput.MemoryManagerPolicy = config.BottlerocketSettings.Kubernetes.MemoryManagerPolicy - bottlerocketInput.PodPidsLimit = config.BottlerocketSettings.Kubernetes.PodPidsLimit - bottlerocketInput.RegistryBurst = config.BottlerocketSettings.Kubernetes.RegistryBurst - bottlerocketInput.RegistryPullQPS = config.BottlerocketSettings.Kubernetes.RegistryPullQPS + kubernetesSettings.EventBurst = config.BottlerocketSettings.Kubernetes.EventBurst + kubernetesSettings.EventRecordQPS = config.BottlerocketSettings.Kubernetes.EventRecordQPS + kubernetesSettings.EvictionHard = config.BottlerocketSettings.Kubernetes.EvictionHard + kubernetesSettings.EvictionMaxPodGracePeriod = config.BottlerocketSettings.Kubernetes.EvictionMaxPodGracePeriod + kubernetesSettings.EvictionSoft = config.BottlerocketSettings.Kubernetes.EvictionSoft + kubernetesSettings.EvictionSoftGracePeriod = config.BottlerocketSettings.Kubernetes.EvictionSoftGracePeriod + kubernetesSettings.ImageGCHighThresholdPercent = config.BottlerocketSettings.Kubernetes.ImageGCHighThresholdPercent + kubernetesSettings.ImageGCLowThresholdPercent = config.BottlerocketSettings.Kubernetes.ImageGCLowThresholdPercent + kubernetesSettings.KubeAPIBurst = config.BottlerocketSettings.Kubernetes.KubeAPIBurst + kubernetesSettings.KubeAPIQPS = config.BottlerocketSettings.Kubernetes.KubeAPIQPS + kubernetesSettings.KubeReserved = config.BottlerocketSettings.Kubernetes.KubeReserved + kubernetesSettings.MaxPods = config.BottlerocketSettings.Kubernetes.MaxPods + kubernetesSettings.MemoryManagerPolicy = config.BottlerocketSettings.Kubernetes.MemoryManagerPolicy + kubernetesSettings.ProviderID = config.KubeletExtraArgs["provider-id"] + kubernetesSettings.PodPidsLimit = config.BottlerocketSettings.Kubernetes.PodPidsLimit + kubernetesSettings.RegistryBurst = config.BottlerocketSettings.Kubernetes.RegistryBurst + kubernetesSettings.RegistryPullQPS = config.BottlerocketSettings.Kubernetes.RegistryPullQPS if config.BottlerocketSettings.Kubernetes.ShutdownGracePeriod != nil { - bottlerocketInput.ShutdownGracePeriod = config.BottlerocketSettings.Kubernetes.ShutdownGracePeriod.Duration.String() + kubernetesSettings.ShutdownGracePeriod = config.BottlerocketSettings.Kubernetes.ShutdownGracePeriod.Duration.String() } if config.BottlerocketSettings.Kubernetes.ShutdownGracePeriodCriticalPods != nil { - bottlerocketInput.ShutdownGracePeriodCriticalPods = config.BottlerocketSettings.Kubernetes.ShutdownGracePeriodCriticalPods.Duration.String() + kubernetesSettings.ShutdownGracePeriodCriticalPods = config.BottlerocketSettings.Kubernetes.ShutdownGracePeriodCriticalPods.Duration.String() } - bottlerocketInput.SystemReserved = config.BottlerocketSettings.Kubernetes.SystemReserved - bottlerocketInput.TopologyManagerPolicy = config.BottlerocketSettings.Kubernetes.TopologyManagerPolicy - bottlerocketInput.TopologyManagerScope = config.BottlerocketSettings.Kubernetes.TopologyManagerScope - } - - if config.BottlerocketSettings.Kernel != nil { - bottlerocketInput.SysctlSettings = parseSysctlSettings(config.BottlerocketSettings.Kernel.SysctlSettings) - } - - if config.BottlerocketSettings.Boot != nil { - bottlerocketInput.BootKernel = parseBootSettings(config.BottlerocketSettings.Boot.BootKernelParameters) - } - - } - if config.CertBundle != nil { - for _, cert := range config.CertBundle { - cert.Data = base64.StdEncoding.EncodeToString([]byte(cert.Data)) - bottlerocketInput.CertBundles = append(bottlerocketInput.CertBundles, cert) + kubernetesSettings.SystemReserved = config.BottlerocketSettings.Kubernetes.SystemReserved + kubernetesSettings.TopologyManagerPolicy = config.BottlerocketSettings.Kubernetes.TopologyManagerPolicy + kubernetesSettings.TopologyManagerScope = config.BottlerocketSettings.Kubernetes.TopologyManagerScope } } - return generateNodeUserData("InitBottlerocketNode", bottlerocketNodeInitSettingsTemplate, bottlerocketInput) + return kubernetesSettings, nil } // bottlerocket configuration accepts taints in the format @@ -433,30 +528,6 @@ func parseNodeLabels(nodeLabels string) string { return nodeLabelsToml } -func parseSysctlSettings(sysctlSettings map[string]string) string { - sysctlSettingsToml := "" - for key, value := range sysctlSettings { - sysctlSettingsToml += fmt.Sprintf("\"%v\" = \"%v\"\n", key, value) - } - return sysctlSettingsToml -} - -func parseBootSettings(bootSettings map[string][]string) string { - bootSettingsToml := "" - for key, value := range bootSettings { - var values []string - if len(value) != 0 { - for _, val := range value { - quotedVal := "\"" + val + "\"" - values = append(values, quotedVal) - } - } - keyVal := strings.Join(values, ",") - bootSettingsToml += fmt.Sprintf("\"%v\" = [%v]\n", key, keyVal) - } - return bootSettingsToml -} - // Parses through all the users and return list of all user's authorized ssh keys func getAllAuthorizedKeys(users []bootstrapv1.User) string { var sshAuthorizedKeys []string diff --git a/bootstrap/kubeadm/types/upstreamv1beta1/types.go b/bootstrap/kubeadm/types/upstreamv1beta1/types.go index 8ae11ae0dc6f..fabae6802b7a 100644 --- a/bootstrap/kubeadm/types/upstreamv1beta1/types.go +++ b/bootstrap/kubeadm/types/upstreamv1beta1/types.go @@ -193,7 +193,7 @@ type BottlerocketSettings struct { // This setting is ONLY for bottlerocket nodes. type BottlerocketKubernetesSettings struct { // MaxPods defines the maximum number of pods that can run on a node. - MaxPods int `json:"maxPods,omitempty"` + MaxPods *int `json:"maxPods,omitempty"` // AllowedUnsafeSysctls defines the list of unsafe sysctls that can be set on a node. AllowedUnsafeSysctls []string `json:"allowedUnsafeSysctls,omitempty"` diff --git a/bootstrap/kubeadm/types/upstreamv1beta1/zz_generated.deepcopy.go b/bootstrap/kubeadm/types/upstreamv1beta1/zz_generated.deepcopy.go index b8ef3ee3060d..ca7f31717eff 100644 --- a/bootstrap/kubeadm/types/upstreamv1beta1/zz_generated.deepcopy.go +++ b/bootstrap/kubeadm/types/upstreamv1beta1/zz_generated.deepcopy.go @@ -277,6 +277,11 @@ func (in *BottlerocketKernelSettings) DeepCopy() *BottlerocketKernelSettings { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BottlerocketKubernetesSettings) DeepCopyInto(out *BottlerocketKubernetesSettings) { *out = *in + if in.MaxPods != nil { + in, out := &in.MaxPods, &out.MaxPods + *out = new(int) + **out = **in + } if in.AllowedUnsafeSysctls != nil { in, out := &in.AllowedUnsafeSysctls, &out.AllowedUnsafeSysctls *out = make([]string, len(*in)) diff --git a/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanes.yaml b/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanes.yaml index 5925b38094c4..dc27ee07125e 100644 --- a/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanes.yaml +++ b/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanes.yaml @@ -3804,10 +3804,6 @@ spec: PIDs in any pod. format: int64 type: integer - providerID: - description: ProviderID sets the unique ID of the - instance that an external provider. - type: string registryBurst: description: RegistryBurst is the maximum size of bursty pulls. @@ -4843,10 +4839,6 @@ spec: PIDs in any pod. format: int64 type: integer - providerID: - description: ProviderID sets the unique ID of the - instance that an external provider. - type: string registryBurst: description: RegistryBurst is the maximum size of bursty pulls. diff --git a/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanetemplates.yaml b/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanetemplates.yaml index 6d9f1c9d7619..6a79fe06cd9a 100644 --- a/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanetemplates.yaml +++ b/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanetemplates.yaml @@ -1979,10 +1979,6 @@ spec: of PIDs in any pod. format: int64 type: integer - providerID: - description: ProviderID sets the unique ID - of the instance that an external provider. - type: string registryBurst: description: RegistryBurst is the maximum size of bursty pulls. @@ -3041,10 +3037,6 @@ spec: of PIDs in any pod. format: int64 type: integer - providerID: - description: ProviderID sets the unique ID - of the instance that an external provider. - type: string registryBurst: description: RegistryBurst is the maximum size of bursty pulls. diff --git a/go.mod b/go.mod index 8739faa0ff4a..27cd7b209641 100644 --- a/go.mod +++ b/go.mod @@ -52,6 +52,7 @@ require ( require ( github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect + github.com/BurntSushi/toml v1.4.0 github.com/Masterminds/goutils v1.1.1 // indirect github.com/Masterminds/semver/v3 v3.2.0 // indirect github.com/NYTimes/gziphandler v1.1.1 // indirect diff --git a/go.sum b/go.sum index f97ad271e8ec..8ba646b208d2 100644 --- a/go.sum +++ b/go.sum @@ -19,6 +19,8 @@ dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7 github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0= +github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= diff --git a/internal/apis/bootstrap/kubeadm/v1alpha4/zz_generated.conversion.go b/internal/apis/bootstrap/kubeadm/v1alpha4/zz_generated.conversion.go index 4c8400e70043..030123c5c3f5 100644 --- a/internal/apis/bootstrap/kubeadm/v1alpha4/zz_generated.conversion.go +++ b/internal/apis/bootstrap/kubeadm/v1alpha4/zz_generated.conversion.go @@ -856,7 +856,7 @@ func Convert_v1beta1_BottlerocketKernelSettings_To_v1alpha4_BottlerocketKernelSe } func autoConvert_v1alpha4_BottlerocketKubernetesSettings_To_v1beta1_BottlerocketKubernetesSettings(in *BottlerocketKubernetesSettings, out *v1beta1.BottlerocketKubernetesSettings, s conversion.Scope) error { - out.MaxPods = in.MaxPods + // WARNING: in.MaxPods requires manual conversion: inconvertible types (int vs *int) out.AllowedUnsafeSysctls = *(*[]string)(unsafe.Pointer(&in.AllowedUnsafeSysctls)) out.ClusterDNSIPs = *(*[]string)(unsafe.Pointer(&in.ClusterDNSIPs)) return nil @@ -888,10 +888,9 @@ func autoConvert_v1beta1_BottlerocketKubernetesSettings_To_v1alpha4_Bottlerocket // WARNING: in.KubeAPIBurst requires manual conversion: does not exist in peer-type // WARNING: in.KubeAPIQPS requires manual conversion: does not exist in peer-type // WARNING: in.KubeReserved requires manual conversion: does not exist in peer-type - out.MaxPods = in.MaxPods + // WARNING: in.MaxPods requires manual conversion: inconvertible types (*int vs int) // WARNING: in.MemoryManagerPolicy requires manual conversion: does not exist in peer-type // WARNING: in.PodPidsLimit requires manual conversion: does not exist in peer-type - // WARNING: in.ProviderID requires manual conversion: does not exist in peer-type // WARNING: in.RegistryBurst requires manual conversion: does not exist in peer-type // WARNING: in.RegistryPullQPS requires manual conversion: does not exist in peer-type // WARNING: in.ShutdownGracePeriod requires manual conversion: does not exist in peer-type diff --git a/test/go.mod b/test/go.mod index 44872dc0e723..a1e624c3d257 100644 --- a/test/go.mod +++ b/test/go.mod @@ -39,7 +39,7 @@ require ( require ( github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect - github.com/BurntSushi/toml v1.0.0 // indirect + github.com/BurntSushi/toml v1.4.0 // indirect github.com/MakeNowJust/heredoc v1.0.0 // indirect github.com/Masterminds/goutils v1.1.1 // indirect github.com/Masterminds/semver/v3 v3.2.0 // indirect diff --git a/test/go.sum b/test/go.sum index 475a7ed4887a..a48ccaf6c8a6 100644 --- a/test/go.sum +++ b/test/go.sum @@ -7,8 +7,9 @@ cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2Aawl github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/toml v1.0.0 h1:dtDWrepsVPfW9H/4y7dDgFc2MBUSeJhlaDtK13CxFlU= github.com/BurntSushi/toml v1.0.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= +github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0= +github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho= github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI=