Networking cleanup

cmd/kops/create_cluster.go

@@ -221,7 +221,7 @@ var (
 		--node-size $NODE_SIZE \
 		--master-size $MASTER_SIZE \
 		--master-zones $ZONES \
-		--networking weave \
+		--networking cilium \
 		--topology private \
 		--bastion="true" \
 		--yes
@@ -330,7 +330,7 @@ func NewCmdCreateCluster(f *util.Factory, out io.Writer) *cobra.Command {
 
 	cmd.Flags().StringVar(&options.Image, "image", options.Image, "Image to use for all instances.")
 
-	cmd.Flags().StringVar(&options.Networking, "networking", options.Networking, "Networking mode to use.  kubenet (default), classic, external, kopeio-vxlan (or kopeio), weave, flannel-vxlan (or flannel), flannel-udp, calico, canal, kube-router, romana, amazon-vpc-routed-eni, cilium, cni.")
+	cmd.Flags().StringVar(&options.Networking, "networking", options.Networking, "Networking mode to use.  kubenet, external, weave, flannel-vxlan (or flannel), flannel-udp, calico, canal, kube-router, amazon-vpc-routed-eni, cilium, cni, lyftvpc.")
 
 	cmd.Flags().StringVar(&options.DNSZone, "dns-zone", options.DNSZone, "DNS hosted zone to use (defaults to longest matching zone)")
 	cmd.Flags().StringVar(&options.OutDir, "out", options.OutDir, "Path to write any local output")
@@ -1020,8 +1020,6 @@ func RunCreateCluster(ctx context.Context, f *util.Factory, out io.Writer, c *Cr
 
 	cluster.Spec.Networking = &api.NetworkingSpec{}
 	switch c.Networking {
-	case "classic":
-		cluster.Spec.Networking.Classic = &api.ClassicNetworkingSpec{}
 	case "kubenet":
 		cluster.Spec.Networking.Kubenet = &api.KubenetNetworkingSpec{}
 	case "external":
@@ -1110,8 +1108,8 @@ func RunCreateCluster(ctx context.Context, f *util.Factory, out io.Writer, c *Cr
 		}
 
 	case api.TopologyPrivate:
-		if !supportsPrivateTopology(cluster.Spec.Networking) {
-			return fmt.Errorf("Invalid networking option %s. Currently only '--networking kopeio-vxlan (or kopeio)', '--networking weave', '--networking flannel', '--networking calico', '--networking canal', '--networking kube-router', '--networking romana', '--networking amazon-vpc-routed-eni', '--networking cilium', '--networking lyftvpc', '--networking cni' are supported for private topologies", c.Networking)
+		if cluster.Spec.Networking.Kubenet != nil {
+			return fmt.Errorf("invalid networking option %s. Kubenet does not support private topology", c.Networking)
 		}
 		cluster.Spec.Topology = &api.TopologySpec{
 			Masters: api.TopologyPrivate,
@@ -1453,14 +1451,6 @@ func RunCreateCluster(ctx context.Context, f *util.Factory, out io.Writer, c *Cr
 	return nil
 }
 
-func supportsPrivateTopology(n *api.NetworkingSpec) bool {
-
-	if n.CNI != nil || n.Kopeio != nil || n.Weave != nil || n.Flannel != nil || n.Calico != nil || n.Canal != nil || n.Kuberouter != nil || n.Romana != nil || n.AmazonVPC != nil || n.Cilium != nil || n.LyftVPC != nil || n.GCE != nil {
-		return true
-	}
-	return false
-}
-
 func trimCommonPrefix(names []string) []string {
 	// Trim shared prefix to keep the lengths sane
 	// (this only applies to new clusters...)

cmd/kops/upgrade_cluster.go

@@ -168,28 +168,6 @@ func (c *UpgradeClusterCmd) Run(ctx context.Context, args []string) error {
 		proposedKubernetesVersion = currentKubernetesVersion
 	}
 
-	// Prompt to upgrade addins?
-
-	// Prompt to upgrade to kubenet
-	if channelClusterSpec.Networking != nil {
-		if cluster.Spec.Networking == nil {
-			cluster.Spec.Networking = &kopsapi.NetworkingSpec{}
-		}
-		// TODO: make this less hard coded
-		if channelClusterSpec.Networking.Kubenet != nil && channelClusterSpec.Networking.Classic != nil {
-			actions = append(actions, &upgradeAction{
-				Item:     "Cluster",
-				Property: "Networking",
-				Old:      "classic",
-				New:      "kubenet",
-				apply: func() {
-					cluster.Spec.Networking.Classic = nil
-					cluster.Spec.Networking.Kubenet = channelClusterSpec.Networking.Kubenet
-				},
-			})
-		}
-	}
-
 	cloud, err := cloudup.BuildCloud(cluster)
 	if err != nil {
 		return err

docs/cli/kops_create_cluster.md

@@ -37,7 +37,7 @@ kops create cluster [flags]
   --node-size $NODE_SIZE \
   --master-size $MASTER_SIZE \
   --master-zones $ZONES \
-  --networking weave \
+  --networking cilium \
   --topology private \
   --bastion="true" \
   --yes
@@ -94,7 +94,7 @@ kops create cluster [flags]
       --master-zones strings             Zones in which to run masters (must be an odd number)
       --model string                     Models to apply (separate multiple models with commas) (default "proto,cloudup")
       --network-cidr string              Set to override the default network CIDR
-      --networking string                Networking mode to use.  kubenet (default), classic, external, kopeio-vxlan (or kopeio), weave, flannel-vxlan (or flannel), flannel-udp, calico, canal, kube-router, romana, amazon-vpc-routed-eni, cilium, cni. (default "kubenet")
+      --networking string                Networking mode to use.  kubenet, external, weave, flannel-vxlan (or flannel), flannel-udp, calico, canal, kube-router, amazon-vpc-routed-eni, cilium, cni, lyftvpc. (default "kubenet")
       --node-count int32                 Set the number of nodes
       --node-security-groups strings     Add precreated additional security groups to nodes.
       --node-size string                 Set instance size for nodes

k8s/crds/kops.k8s.io_clusters.yaml

@@ -3132,21 +3132,21 @@ spec:
                     type: object
                   classic:
                     description: ClassicNetworkingSpec is the specification of classic
-                      networking mode, integrated into kubernetes
+                      networking mode, integrated into kubernetes. Support been removed
+                      since kubernetes 1.4.
                     type: object
                   cni:
                     description: CNINetworkingSpec is the specification for networking
-                      that is implemented by a Daemonset Networking is not managed
-                      by kops - we can create options here that directly configure
-                      e.g. weave but this is useful for arbitrary network modes or
-                      for modes that don't need additional configuration.
+                      that is implemented by a user-provided Daemonset, which uses
+                      the CNI kubelet networking plugin.
                     properties:
                       usesSecondaryIP:
                         type: boolean
                     type: object
                   external:
                     description: ExternalNetworkingSpec is the specification for networking
-                      that is implemented by a Daemonset It also uses kubenet
+                      that is implemented by a user-provided Daemonset that uses the
+                      Kubenet kubelet networking plugin.
                     type: object
                   flannel:
                     description: FlannelNetworkingSpec declares that we want Flannel

nodeup/pkg/model/containerd.go

@@ -339,10 +339,7 @@ func (b *ContainerdBuilder) Build(c *fi.ModelBuilderContext) error {
 	// Using containerd with Kubenet requires special configuration. This is a temporary backwards-compatible solution
 	// and will be deprecated when Kubenet is deprecated:
 	// https://github.com/containerd/cri/blob/master/docs/config.md#cni-config-template
-	usesKubenet, err := components.UsesKubenet(&b.Cluster.Spec)
-	if err != nil {
-		return err
-	}
+	usesKubenet := components.UsesKubenet(b.Cluster.Spec.Networking)
 	if b.Cluster.Spec.ContainerRuntime == "containerd" && usesKubenet {
 		b.buildKubenetCNIConfigTemplate(c)
 	}

nodeup/pkg/model/context.go

@@ -343,16 +343,6 @@ func (c *NodeupModelContext) UseEtcdTLSAuth() bool {
 	return false
 }
 
-// UsesCNI checks if the cluster has CNI configured
-func (c *NodeupModelContext) UsesCNI() bool {
-	networking := c.Cluster.Spec.Networking
-	if networking == nil || networking.Classic != nil {
-		return false
-	}
-
-	return true
-}
-
 // UseNodeAuthorization checks if have a node authorization policy
 func (c *NodeupModelContext) UseNodeAuthorization() bool {
 	return c.Cluster.Spec.NodeAuthorization != nil

nodeup/pkg/model/kubelet.go

@@ -25,6 +25,8 @@ import (
 	"strings"
 	"time"
 
+	"k8s.io/kops/pkg/model/components"
+
 	"github.com/aws/aws-sdk-go/aws/ec2metadata"
 	"github.com/aws/aws-sdk-go/aws/session"
 
@@ -134,7 +136,7 @@ func (b *KubeletBuilder) Build(c *fi.ModelBuilderContext) error {
 		}
 	}
 
-	if b.UsesCNI() {
+	if components.UsesCNI(b.Cluster.Spec.Networking) {
 		c.AddTask(&nodetasks.File{
 			Path: b.CNIConfDir(),
 			Type: nodetasks.FileType_Directory,
@@ -212,10 +214,8 @@ func (b *KubeletBuilder) buildSystemdEnvironmentFile(kubeletConfig *kops.Kubelet
 		flags += " --cloud-config=" + CloudConfigFilePath
 	}
 
-	if b.UsesCNI() {
-		flags += " --cni-bin-dir=" + b.CNIBinDir()
-		flags += " --cni-conf-dir=" + b.CNIConfDir()
-	}
+	flags += " --cni-bin-dir=" + b.CNIBinDir()
+	flags += " --cni-conf-dir=" + b.CNIConfDir()
 
 	if b.UsesSecondaryIP() {
 		sess := session.Must(session.NewSession())

pkg/apis/kops/cluster.go

@@ -605,9 +605,7 @@ func (c *Cluster) FillDefaults() error {
 
 // fillClusterSpecNetworking provides default value if c.Spec.NetworkingSpec is nil
 func (c *Cluster) fillClusterSpecNetworkingSpec() {
-	if c.Spec.Networking.Classic != nil {
-		// OK
-	} else if c.Spec.Networking.Kubenet != nil {
+	if c.Spec.Networking.Kubenet != nil {
 		// OK
 	} else if c.Spec.Networking.CNI != nil {
 		// OK

pkg/apis/kops/networking.go

@@ -37,22 +37,20 @@ type NetworkingSpec struct {
 	GCE        *GCENetworkingSpec        `json:"gce,omitempty"`
 }
 
-// ClassicNetworkingSpec is the specification of classic networking mode, integrated into kubernetes
+// ClassicNetworkingSpec is the specification of classic networking mode, integrated into kubernetes.
+// Support been removed since Kubernetes 1.4.
 type ClassicNetworkingSpec struct {
 }
 
 // KubenetNetworkingSpec is the specification for kubenet networking, largely integrated but intended to replace classic
 type KubenetNetworkingSpec struct {
 }
 
-// ExternalNetworkingSpec is the specification for networking that is implemented by a Daemonset
-// It also uses kubenet
+// ExternalNetworkingSpec is the specification for networking that is implemented by a user-provided Daemonset that uses the Kubenet kubelet networking plugin.
 type ExternalNetworkingSpec struct {
 }
 
-// CNINetworkingSpec is the specification for networking that is implemented by a Daemonset
-// Networking is not managed by kops - we can create options here that directly configure e.g. weave
-// but this is useful for arbitrary network modes or for modes that don't need additional configuration.
+// CNINetworkingSpec is the specification for networking that is implemented by a user-provided Daemonset, which uses the CNI kubelet networking plugin.
 type CNINetworkingSpec struct {
 	UsesSecondaryIP bool `json:"usesSecondaryIP,omitempty"`
 }

pkg/apis/kops/v1alpha2/networking.go

@@ -37,22 +37,20 @@ type NetworkingSpec struct {
 	GCE        *GCENetworkingSpec        `json:"gce,omitempty"`
 }
 
-// ClassicNetworkingSpec is the specification of classic networking mode, integrated into kubernetes
+// ClassicNetworkingSpec is the specification of classic networking mode, integrated into kubernetes.
+// Support been removed since kubernetes 1.4.
 type ClassicNetworkingSpec struct {
 }
 
 // KubenetNetworkingSpec is the specification for kubenet networking, largely integrated but intended to replace classic
 type KubenetNetworkingSpec struct {
 }
 
-// ExternalNetworkingSpec is the specification for networking that is implemented by a Daemonset
-// It also uses kubenet
+// ExternalNetworkingSpec is the specification for networking that is implemented by a user-provided Daemonset that uses the Kubenet kubelet networking plugin.
 type ExternalNetworkingSpec struct {
 }
 
-// CNINetworkingSpec is the specification for networking that is implemented by a Daemonset
-// Networking is not managed by kops - we can create options here that directly configure e.g. weave
-// but this is useful for arbitrary network modes or for modes that don't need additional configuration.
+// CNINetworkingSpec is the specification for networking that is implemented by a user-provided Daemonset, which uses the CNI kubelet networking plugin.
 type CNINetworkingSpec struct {
 	UsesSecondaryIP bool `json:"usesSecondaryIP,omitempty"`
 }

pkg/model/components/containerd.go

@@ -63,10 +63,7 @@ func (b *ContainerdOptionsBuilder) BuildOptions(o interface{}) error {
 
 		// Apply defaults for containerd running in container runtime mode
 		containerd.LogLevel = fi.String("info")
-		usesKubenet, err := UsesKubenet(clusterSpec)
-		if err != nil {
-			return err
-		}
+		usesKubenet := UsesKubenet(clusterSpec.Networking)
 		if clusterSpec.Networking != nil && usesKubenet {
 			// Using containerd with Kubenet requires special configuration. This is a temporary backwards-compatible solution
 			// and will be deprecated when Kubenet is deprecated:

pkg/model/components/containerd_test.go

@@ -29,6 +29,9 @@ func buildContainerdCluster(version string) *kopsapi.Cluster {
 		Spec: kopsapi.ClusterSpec{
 			CloudProvider:     "aws",
 			KubernetesVersion: version,
+			Networking: &kopsapi.NetworkingSpec{
+				Kubenet: &kopsapi.KubenetNetworkingSpec{},
+			},
 		},
 	}
 }

pkg/model/components/context.go

@@ -76,26 +76,31 @@ func KubernetesVersion(clusterSpec *kops.ClusterSpec) (*semver.Version, error) {
 }
 
 // UsesKubenet returns true if our networking is derived from kubenet
-func UsesKubenet(clusterSpec *kops.ClusterSpec) (bool, error) {
-	networking := clusterSpec.Networking
-	if networking == nil || networking.Classic != nil {
-		return false, nil
-	} else if networking.Kubenet != nil {
-		return true, nil
+func UsesKubenet(networking *kops.NetworkingSpec) bool {
+	if networking == nil {
+		panic("no networking mode set")
+	}
+	if networking.Kubenet != nil {
+		return true
 	} else if networking.GCE != nil {
 		// GCE IP Alias networking is based on kubenet
-		return true, nil
+		return true
 	} else if networking.External != nil {
 		// external is based on kubenet
-		return true, nil
-	} else if networking.CNI != nil || networking.Weave != nil || networking.Flannel != nil || networking.Calico != nil || networking.Canal != nil || networking.Kuberouter != nil || networking.Romana != nil || networking.AmazonVPC != nil || networking.Cilium != nil || networking.LyftVPC != nil {
-		return false, nil
+		return true
 	} else if networking.Kopeio != nil {
 		// Kopeio is based on kubenet / external
-		return true, nil
-	} else {
-		return false, fmt.Errorf("no networking mode set")
+		return true
 	}
+
+	return false
+
+}
+
+// UsesCNI returns true if the networking provider is a CNI plugin
+func UsesCNI(networking *kops.NetworkingSpec) bool {
+	// Kubenet and CNI are the only kubelet networking plugins right now.
+	return !UsesKubenet(networking)
 }
 
 func WellKnownServiceIP(clusterSpec *kops.ClusterSpec, id int) (net.IP, error) {

pkg/model/components/docker.go

@@ -17,7 +17,6 @@ limitations under the License.
 package components
 
 import (
-	"k8s.io/klog"
 	"k8s.io/kops/pkg/apis/kops"
 	"k8s.io/kops/upup/pkg/fi"
 	"k8s.io/kops/upup/pkg/fi/loader"
@@ -86,11 +85,5 @@ func (b *DockerOptionsBuilder) BuildOptions(o interface{}) error {
 		docker.Storage = fi.String("overlay,aufs")
 	}
 
-	networking := clusterSpec.Networking
-	if networking == nil || networking.Classic != nil {
-		klog.Warningf("using deprecated (classic) networking")
-		docker.Bridge = fi.String("cbr0")
-	}
-
 	return nil
 }

pkg/model/components/kubecontrollermanager.go

@@ -127,7 +127,7 @@ func (b *KubeControllerManagerOptionsBuilder) BuildOptions(o interface{}) error
 	kcm.ConfigureCloudRoutes = fi.Bool(false)
 
 	networking := clusterSpec.Networking
-	if networking == nil || networking.Classic != nil {
+	if networking == nil {
 		kcm.ConfigureCloudRoutes = fi.Bool(true)
 	} else if networking.Kubenet != nil {
 		kcm.ConfigureCloudRoutes = fi.Bool(true)
@@ -140,7 +140,7 @@ func (b *KubeControllerManagerOptionsBuilder) BuildOptions(o interface{}) error
 		}
 	} else if networking.External != nil {
 		kcm.ConfigureCloudRoutes = fi.Bool(false)
-	} else if networking.CNI != nil || networking.Weave != nil || networking.Flannel != nil || networking.Calico != nil || networking.Canal != nil || networking.Kuberouter != nil || networking.Romana != nil || networking.AmazonVPC != nil || networking.Cilium != nil || networking.LyftVPC != nil {
+	} else if UsesCNI(networking) {
 		kcm.ConfigureCloudRoutes = fi.Bool(false)
 	} else if networking.Kopeio != nil {
 		// Kopeio is based on kubenet / external

pkg/model/components/kubelet.go

@@ -17,6 +17,7 @@ limitations under the License.
 package components
 
 import (
+	"fmt"
 	"strings"
 
 	"k8s.io/klog"
@@ -173,11 +174,12 @@ func (b *KubeletOptionsBuilder) BuildOptions(o interface{}) error {
 		clusterSpec.Kubelet.CloudProvider = "external"
 	}
 
-	usesKubenet, err := UsesKubenet(clusterSpec)
-	if err != nil {
-		return err
+	networking := clusterSpec.Networking
+	if networking == nil {
+		return fmt.Errorf("no networking mode set")
+
 	}
-	if usesKubenet {
+	if UsesKubenet(networking) {
 		clusterSpec.Kubelet.NetworkPluginName = "kubenet"
 
 		// AWS MTU is 9001

pkg/model/components/kubelet_test.go

@@ -29,6 +29,7 @@ func buildKubeletTestCluster() *kops.Cluster {
 			KubernetesVersion:     "1.6.2",
 			ServiceClusterIPRange: "10.10.0.0/16",
 			Kubelet:               &kops.KubeletConfigSpec{},
+			Networking:            &kops.NetworkingSpec{},
 		},
 	}
 }

pkg/model/components/networking.go

@@ -43,7 +43,7 @@ func (b *NetworkingOptionsBuilder) BuildOptions(o interface{}) error {
 		return fmt.Errorf("networking not set")
 	}
 
-	if networking.CNI != nil || networking.Weave != nil || networking.Flannel != nil || networking.Calico != nil || networking.Canal != nil || networking.Kuberouter != nil || networking.Romana != nil || networking.AmazonVPC != nil || networking.Cilium != nil || networking.LyftVPC != nil {
+	if UsesCNI(networking) {
 		options.Kubelet.NetworkPluginName = "cni"
 
 		// ConfigureCBR0 flag removed from 1.5