Skip to content

Commit

Permalink
Merge pull request #9803 from hakman/calico-validation
Browse files Browse the repository at this point in the history
Update validation for Calico to assume etcd3 as default
  • Loading branch information
k8s-ci-robot authored Aug 24, 2020

Verified

This commit was signed with the committer’s verified signature. The key has expired.
justinsb Justin Santa Barbara
2 parents 511d749 + cd82550 commit 83d299d
Showing 8 changed files with 355 additions and 101 deletions.
28 changes: 11 additions & 17 deletions pkg/apis/kops/validation/validation.go
Original file line number Diff line number Diff line change
@@ -914,25 +914,19 @@ func validateEtcdMemberSpec(spec *kops.EtcdMemberSpec, fieldPath *field.Path) fi
func ValidateEtcdVersionForCalicoV3(e *kops.EtcdClusterSpec, majorVersion string, fldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{}

version := e.Version
if e.Version == "" {
version = components.DefaultEtcd2Version
}
sem, err := semver.Parse(strings.TrimPrefix(version, "v"))
if err != nil {
allErrs = append(allErrs, field.InternalError(fldPath.Child("majorVersion"), fmt.Errorf("failed to parse Etcd version to check compatibility: %s", err)))
}

if sem.Major != 3 {
if e.Version == "" {
allErrs = append(allErrs,
field.Forbidden(fldPath.Child("majorVersion"),
fmt.Sprintf("Unable to use v3 when ETCD version for %s cluster is default(%s)",
e.Name, components.DefaultEtcd2Version)))
if majorVersion == "v3" {
return allErrs
} else {
allErrs = append(allErrs,
field.Forbidden(fldPath.Child("majorVersion"),
fmt.Sprintf("Unable to use v3 when ETCD version for %s cluster is %s", e.Name, e.Version)))
allErrs = append(allErrs, field.Required(fldPath.Child("majorVersion"), "majorVersion required when etcd version is not set explicitly"))
}
} else {
sem, err := semver.Parse(strings.TrimPrefix(e.Version, "v"))
if err != nil {
allErrs = append(allErrs, field.InternalError(fldPath.Child("majorVersion"), fmt.Errorf("failed to parse etcd version to check compatibility: %s", err)))
}
if majorVersion == "v3" && sem.Major != 3 {
allErrs = append(allErrs, field.Forbidden(fldPath.Child("majorVersion"), fmt.Sprintf("unable to use v3 when etcd version for %s cluster is %s", e.Name, e.Version)))
}
}
return allErrs
Original file line number Diff line number Diff line change
@@ -152,7 +152,10 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope
cloudConfig: null
containerRuntime: docker
containerd:
skipInstall: true
configOverride: |
disabled_plugins = ["cri"]
logLevel: info
version: 1.2.13
docker:
ipMasq: false
ipTables: false
@@ -162,13 +165,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope
- max-size=10m
- max-file=5
storage: overlay2,overlay,aufs
version: 18.06.3
version: 19.03.11
encryptionConfig: null
etcdClusters:
events:
version: 3.3.10
version: 3.4.3
main:
version: 3.3.10
version: 3.4.3
kubeAPIServer:
allowPrivileged: true
anonymousAuth: false
@@ -191,9 +194,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope
- http://127.0.0.1:4001
etcdServersOverrides:
- /events#http://127.0.0.1:4002
image: k8s.gcr.io/kube-apiserver:v1.14.0
image: k8s.gcr.io/kube-apiserver:v1.18.0
insecureBindAddress: 127.0.0.1
insecurePort: 8080
kubeletPreferredAddressTypes:
- InternalIP
- Hostname
@@ -217,7 +219,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope
clusterCIDR: 100.96.0.0/11
clusterName: privatecalico.example.com
configureCloudRoutes: false
image: k8s.gcr.io/kube-controller-manager:v1.14.0
image: k8s.gcr.io/kube-controller-manager:v1.18.0
leaderElection:
leaderElect: true
logLevel: 2
@@ -226,10 +228,10 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope
clusterCIDR: 100.96.0.0/11
cpuRequest: 100m
hostnameOverride: '@aws'
image: k8s.gcr.io/kube-proxy:v1.14.0
image: k8s.gcr.io/kube-proxy:v1.18.0
logLevel: 2
kubeScheduler:
image: k8s.gcr.io/kube-scheduler:v1.14.0
image: k8s.gcr.io/kube-scheduler:v1.18.0
leaderElection:
leaderElect: true
logLevel: 2
@@ -241,8 +243,6 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
ExperimentalCriticalPodAnnotation: "true"
hostnameOverride: '@aws'
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
@@ -258,8 +258,6 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
ExperimentalCriticalPodAnnotation: "true"
hostnameOverride: '@aws'
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
@@ -279,13 +277,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope
cat > conf/kube_env.yaml << '__EOF_KUBE_ENV'
Assets:
amd64:
- c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet
- 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl
- 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz
- 3a90e7abf9910aebf9ef5845918c665afd4136a8832604ccfabca2defb35ce0f@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubelet
- bb16739fcad964c197752200ff89d89aad7b118cb1de5725dc53fe924c40e3f7@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- 994fbfcdbb2eedcfa87e48d8edb9bb365f4e2747a7e47658482556c12fd9b2f5@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.6/cni-plugins-linux-amd64-v0.8.6.tgz
arm64:
- df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet
- 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl
- 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz
- db91a26f8baa2bce017172305e717e77be5cfc4272592be8cb0155e1cfa7719e@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubelet
- 0de307f90502cd58e5785cdcbebeb552df81fa2399190f8a662afea9e30bc74d@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubectl
- 43fbf750c5eccb10accffeeb092693c32b236fb25d919cf058c91a677822c999@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.6/cni-plugins-linux-arm64-v0.8.6.tgz
ClusterName: privatecalico.example.com
ConfigBase: memfs://clusters.example.com/privatecalico.example.com
InstanceGroupName: master-us-test-1a
@@ -298,8 +296,6 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
ExperimentalCriticalPodAnnotation: "true"
hostnameOverride: '@aws'
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
@@ -316,6 +312,9 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope
etcdManifests:
- memfs://clusters.example.com/privatecalico.example.com/manifests/etcd/main.yaml
- memfs://clusters.example.com/privatecalico.example.com/manifests/etcd/events.yaml
staticManifests:
- key: kube-apiserver-healthcheck
path: manifests/static/kube-apiserver-healthcheck.yaml
__EOF_KUBE_ENV
@@ -474,7 +473,10 @@ Resources.AWSEC2LaunchTemplatenodesprivatecalicoexamplecom.Properties.LaunchTemp
cloudConfig: null
containerRuntime: docker
containerd:
skipInstall: true
configOverride: |
disabled_plugins = ["cri"]
logLevel: info
version: 1.2.13
docker:
ipMasq: false
ipTables: false
@@ -484,12 +486,12 @@ Resources.AWSEC2LaunchTemplatenodesprivatecalicoexamplecom.Properties.LaunchTemp
- max-size=10m
- max-file=5
storage: overlay2,overlay,aufs
version: 18.06.3
version: 19.03.11
kubeProxy:
clusterCIDR: 100.96.0.0/11
cpuRequest: 100m
hostnameOverride: '@aws'
image: k8s.gcr.io/kube-proxy:v1.14.0
image: k8s.gcr.io/kube-proxy:v1.18.0
logLevel: 2
kubelet:
anonymousAuth: false
@@ -499,8 +501,6 @@ Resources.AWSEC2LaunchTemplatenodesprivatecalicoexamplecom.Properties.LaunchTemp
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
ExperimentalCriticalPodAnnotation: "true"
hostnameOverride: '@aws'
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
@@ -519,13 +519,13 @@ Resources.AWSEC2LaunchTemplatenodesprivatecalicoexamplecom.Properties.LaunchTemp
cat > conf/kube_env.yaml << '__EOF_KUBE_ENV'
Assets:
amd64:
- c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet
- 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl
- 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz
- 3a90e7abf9910aebf9ef5845918c665afd4136a8832604ccfabca2defb35ce0f@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubelet
- bb16739fcad964c197752200ff89d89aad7b118cb1de5725dc53fe924c40e3f7@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- 994fbfcdbb2eedcfa87e48d8edb9bb365f4e2747a7e47658482556c12fd9b2f5@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.6/cni-plugins-linux-amd64-v0.8.6.tgz
arm64:
- df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet
- 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl
- 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz
- db91a26f8baa2bce017172305e717e77be5cfc4272592be8cb0155e1cfa7719e@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubelet
- 0de307f90502cd58e5785cdcbebeb552df81fa2399190f8a662afea9e30bc74d@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubectl
- 43fbf750c5eccb10accffeeb092693c32b236fb25d919cf058c91a677822c999@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.6/cni-plugins-linux-arm64-v0.8.6.tgz
ClusterName: privatecalico.example.com
ConfigBase: memfs://clusters.example.com/privatecalico.example.com
InstanceGroupName: nodes
@@ -538,8 +538,6 @@ Resources.AWSEC2LaunchTemplatenodesprivatecalicoexamplecom.Properties.LaunchTemp
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
ExperimentalCriticalPodAnnotation: "true"
hostnameOverride: '@aws'
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
Original file line number Diff line number Diff line change
@@ -150,7 +150,10 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC'
cloudConfig: null
containerRuntime: docker
containerd:
skipInstall: true
configOverride: |
disabled_plugins = ["cri"]
logLevel: info
version: 1.2.13
docker:
ipMasq: false
ipTables: false
@@ -160,13 +163,13 @@ docker:
- max-size=10m
- max-file=5
storage: overlay2,overlay,aufs
version: 18.06.3
version: 19.03.11
encryptionConfig: null
etcdClusters:
events:
version: 3.3.10
version: 3.4.3
main:
version: 3.3.10
version: 3.4.3
kubeAPIServer:
allowPrivileged: true
anonymousAuth: false
@@ -189,9 +192,8 @@ kubeAPIServer:
- http://127.0.0.1:4001
etcdServersOverrides:
- /events#http://127.0.0.1:4002
image: k8s.gcr.io/kube-apiserver:v1.14.0
image: k8s.gcr.io/kube-apiserver:v1.18.0
insecureBindAddress: 127.0.0.1
insecurePort: 8080
kubeletPreferredAddressTypes:
- InternalIP
- Hostname
@@ -215,7 +217,7 @@ kubeControllerManager:
clusterCIDR: 100.96.0.0/11
clusterName: privatecalico.example.com
configureCloudRoutes: false
image: k8s.gcr.io/kube-controller-manager:v1.14.0
image: k8s.gcr.io/kube-controller-manager:v1.18.0
leaderElection:
leaderElect: true
logLevel: 2
@@ -224,10 +226,10 @@ kubeProxy:
clusterCIDR: 100.96.0.0/11
cpuRequest: 100m
hostnameOverride: '@aws'
image: k8s.gcr.io/kube-proxy:v1.14.0
image: k8s.gcr.io/kube-proxy:v1.18.0
logLevel: 2
kubeScheduler:
image: k8s.gcr.io/kube-scheduler:v1.14.0
image: k8s.gcr.io/kube-scheduler:v1.18.0
leaderElection:
leaderElect: true
logLevel: 2
@@ -239,8 +241,6 @@ kubelet:
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
ExperimentalCriticalPodAnnotation: "true"
hostnameOverride: '@aws'
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
@@ -256,8 +256,6 @@ masterKubelet:
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
ExperimentalCriticalPodAnnotation: "true"
hostnameOverride: '@aws'
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
@@ -277,13 +275,13 @@ __EOF_IG_SPEC
cat > conf/kube_env.yaml << '__EOF_KUBE_ENV'
Assets:
amd64:
- c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet
- 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl
- 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz
- 3a90e7abf9910aebf9ef5845918c665afd4136a8832604ccfabca2defb35ce0f@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubelet
- bb16739fcad964c197752200ff89d89aad7b118cb1de5725dc53fe924c40e3f7@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- 994fbfcdbb2eedcfa87e48d8edb9bb365f4e2747a7e47658482556c12fd9b2f5@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.6/cni-plugins-linux-amd64-v0.8.6.tgz
arm64:
- df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet
- 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl
- 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz
- db91a26f8baa2bce017172305e717e77be5cfc4272592be8cb0155e1cfa7719e@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubelet
- 0de307f90502cd58e5785cdcbebeb552df81fa2399190f8a662afea9e30bc74d@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubectl
- 43fbf750c5eccb10accffeeb092693c32b236fb25d919cf058c91a677822c999@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.6/cni-plugins-linux-arm64-v0.8.6.tgz
ClusterName: privatecalico.example.com
ConfigBase: memfs://clusters.example.com/privatecalico.example.com
InstanceGroupName: master-us-test-1a
@@ -296,8 +294,6 @@ KubeletConfig:
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
ExperimentalCriticalPodAnnotation: "true"
hostnameOverride: '@aws'
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
@@ -314,6 +310,9 @@ channels:
etcdManifests:
- memfs://clusters.example.com/privatecalico.example.com/manifests/etcd/main.yaml
- memfs://clusters.example.com/privatecalico.example.com/manifests/etcd/events.yaml
staticManifests:
- key: kube-apiserver-healthcheck
path: manifests/static/kube-apiserver-healthcheck.yaml
__EOF_KUBE_ENV

Loading

0 comments on commit 83d299d

Please sign in to comment.