From 47a919bfc93edecc476ef9adf8e56b9ee71ebefe Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Tue, 30 Mar 2021 14:50:37 +0200 Subject: [PATCH] refactor: Unifi feature-gate handling in kubeadm chart --- .../templates/ClusterConfiguration.yaml | 6 +++--- .../templates/KubeletConfiguration.yaml | 7 +------ charts/kubeadm/templates/_helpers.tpl | 18 ++++++++++++++++++ kubezero-repo.GFV/repo | 1 + scripts/publish.sh | 2 +- 5 files changed, 24 insertions(+), 10 deletions(-) create mode 100644 charts/kubeadm/templates/_helpers.tpl create mode 160000 kubezero-repo.GFV/repo diff --git a/charts/kubeadm/templates/ClusterConfiguration.yaml b/charts/kubeadm/templates/ClusterConfiguration.yaml index 0bfa0b8..79a8b3c 100644 --- a/charts/kubeadm/templates/ClusterConfiguration.yaml +++ b/charts/kubeadm/templates/ClusterConfiguration.yaml @@ -23,12 +23,14 @@ controllerManager: terminated-pod-gc-threshold: "300" leader-elect: {{ .Values.clusterHighAvailable | quote }} logging-format: json + feature-gates: "{{ include "kubeadm.featuregates" ( dict "return" "csv" "platform" .Values.platform ) | trimSuffix "," }}" scheduler: extraArgs: profiling: "false" bind-address: {{ .Values.listenAddress }} leader-elect: {{ .Values.clusterHighAvailable | quote }} logging-format: json + feature-gates: "{{ include "kubeadm.featuregates" ( dict "return" "csv" "platform" .Values.platform ) | trimSuffix "," }}" apiServer: certSANs: - {{ regexSplit ":" .Values.apiEndpoint -1 | first }} 
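Review bot: The two added `feature-gates` lines give kube-controller-manager and kube-scheduler a flag that the visible part of their `extraArgs` did not set before (both blocks start outside the hunk), so this is a behaviour change on the control plane rather than a pure refactor. The value is the full set built by `kubeadm.featuregates`, which includes `CustomCPUCFSQuotaPeriod` (previously only in KubeletConfiguration.yaml) and, on AWS, the CSI migration gates. The apiServer line in the next hunk and the kubelet map receive the same union. A component that does not recognise a gate name refuses to start, so the set should be confirmed against the Kubernetes version this chart targets and the change called out in the commit message. A comment such as `# same gate set on every component, defined in templates/_helpers.tpl` above each added line would make the coupling visible.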
@@ -44,10 +46,8 @@ apiServer: admission-control-config-file: /etc/kubernetes/apiserver/admission-configuration.yaml {{- if eq .Values.platform "aws" }} authentication-token-webhook-config-file: /etc/kubernetes/apiserver/aws-iam-authenticator.yaml - feature-gates: "CSIMigrationAWS=true,CSIMigrationAWSComplete=true,DefaultPodTopologySpread=true" - {{- else }} - feature-gates: "DefaultPodTopologySpread=true" {{- end }} + feature-gates: "{{ include "kubeadm.featuregates" ( dict "return" "csv" "platform" .Values.platform ) | trimSuffix "," }}" enable-admission-plugins: NodeRestriction,EventRateLimit {{- if .Values.clusterHighAvailable }} # goaway-chance: ".001" diff --git a/charts/kubeadm/templates/KubeletConfiguration.yaml b/charts/kubeadm/templates/KubeletConfiguration.yaml index 04617ad..2b0522e 100644 --- a/charts/kubeadm/templates/KubeletConfiguration.yaml +++ b/charts/kubeadm/templates/KubeletConfiguration.yaml @@ -17,12 +17,7 @@ eventRecordQPS: 0 # tlsCertFile: /var/lib/kubelet/pki/kubelet.crt # tlsPrivateKeyFile: /var/lib/kubelet/pki/kubelet.key tlsCipherSuites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256] -featureGates: - CustomCPUCFSQuotaPeriod: true -{{- if eq .Values.platform "aws" }} - CSIMigrationAWS: true - CSIMigrationAWSComplete: true -{{- end }} +featureGates: {{ include "kubeadm.featuregates" ( dict "return" "map" "platform" .Values.platform ) }} # Minimal unit is 50m per pod podsPerCore: 20 # Basic OS on Ubuntu 20.04 incl. crio diff --git a/charts/kubeadm/templates/_helpers.tpl b/charts/kubeadm/templates/_helpers.tpl new file mode 100644 index 0000000..eb62e8e --- /dev/null +++ b/charts/kubeadm/templates/_helpers.tpl 
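Review bot: In KubeletConfiguration.yaml, `featureGates: {{ include "kubeadm.featuregates" ... }}` on a single line only parses as a mapping while the helper's map branch begins with a newline and indents every entry itself. Nothing at this call site shows that dependency, and a whitespace-trim change in `_helpers.tpl` would silently turn the value into a scalar or a sibling key. I would add `# map mode: the helper emits the leading newline and the indentation of each gate` above the line, and check the rendered output with `helm template` in CI. The kubelet also now receives `DefaultPodTopologySpread`, which the removed block did not set.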
@@ -0,0 +1,18 @@ +{{- /* +Feature gates for all control plane components +*/ -}} +{{- define "kubeadm.featuregates" -}} +{{- $gates := dict "DefaultPodTopologySpread" "true" "CustomCPUCFSQuotaPeriod" "true" }} +{{- if eq .platform "aws" }} +{{- $gates = merge $gates ( dict "CSIMigrationAWS" "true" "CSIMigrationAWSComplete" "true") }} +{{- end }} +{{- if eq .return "csv" }} +{{- range $key, $val := $gates }} +{{- $key }}={{- $val }}, +{{- end }} +{{- else }} +{{- range $key, $val := $gates }} + {{ $key }}: {{ $val }} +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubezero-repo.GFV/repo b/kubezero-repo.GFV/repo new file mode 160000 index 0000000..25b8ebe --- /dev/null +++ b/kubezero-repo.GFV/repo @@ -0,0 +1 @@ +Subproject commit 25b8ebe3cc2af88643a4674a63e651e9c31245cb diff --git a/scripts/publish.sh b/scripts/publish.sh index 791031f..ff224b4 100755 --- a/scripts/publish.sh +++ b/scripts/publish.sh @@ -52,7 +52,7 @@ git status if [ "$GIT_PUSH" == "true" ] then - git add . && git commit -m "Publish charts" && git push ssh://git@git.zero-downtime.net:22000/ZeroDownTime/KubeZero.git gh-pages + git add . && git commit -m "ci: Publish charts" && git push ssh://git@git.zero-downtime.net:22000/ZeroDownTime/KubeZero.git gh-pages fi cd -
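Review bot: The csv branch of `kubeadm.featuregates` ends its output with a comma, so all three call sites in ClusterConfiguration.yaml have to remember `| trimSuffix ","`; a caller that forgets it passes a malformed `--feature-gates` value to a control-plane component. Building the pairs as a list and joining them inside the helper removes that requirement, and existing callers keep working because `trimSuffix` then has nothing to strip. The header comment says "all control plane components", but the helper also feeds the kubelet map, so it should read `Feature gates shared by the control plane components and the kubelet`.

```gotemplate
{{- if eq .return "csv" }}
{{- $pairs := list }}
{{- range $key, $val := $gates }}
{{- $pairs = append $pairs (printf "%s=%s" $key $val) }}
{{- end }}
{{- join "," $pairs }}
{{- else }}
{{- /* … unchanged: map branch … */ -}}
```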
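Review bot: The gitlink `kubezero-repo.GFV/repo` looks unintended: the path has the shape of a temporary checkout directory, and the diffstat lists no `.gitmodules` change to go with mode 160000. A gitlink without a `.gitmodules` entry cannot be resolved by `git submodule update`, and it pins the repository to commit 25b8ebe, which was not reviewed as part of this refactor. If it was staged by accident, remove it with `git rm --cached kubezero-repo.GFV/repo` and add the temp-directory pattern to `.gitignore`. The `git add .` in scripts/publish.sh is one plausible source, though the script's working directory is not visible here.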