Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add support for minimumKubeletVersion #4980

Open
wants to merge 11 commits into
base: main
Choose a base branch
from
Open

add support for minimumKubeletVersion #4980

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
b0b84bd
[vendoring] bump k8s, openshift/api and dependencies
EmilienM Oct 24, 2024
ae22a61
Update CPO, HO and support for new dependencies
EmilienM Oct 17, 2024
5de3808
vendor api and library-go changes for minimum kubelet version
haircommander Oct 24, 2024
d6cecf8
*: add clock to changed function
haircommander Nov 21, 2024
e4c7e5e
use NodeSpec in ClusterConfiguration
haircommander Oct 28, 2024
3983ff1
add featuregate for minimum kubelet verison
haircommander Nov 5, 2024
9e7cce0
api: add oldestKubeletVersion
haircommander Nov 5, 2024
b74e50a
add feature gate controller to HCCO
haircommander Nov 21, 2024
b1e7556
hostedcluster: bubble up OldestKubeletVersion from HCP
haircommander Nov 21, 2024
300bc91
hostedcluster: set condition if OldestKubeletVersion < MinimumKubelet…
haircommander Nov 21, 2024
c6064b9
update fixtures
haircommander Nov 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
api: add oldestKubeletVersion 
Signed-off-by: Peter Hunt <pehunt@redhat.com>
  • Loading branch information
@haircommander
haircommander committed Dec 2, 2024
commit 9e7cce008eacbf052264080690cae56c0d402359
4 changes: 4 additions & 0 deletions api/hypershift/v1beta1/hosted_controlplane.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -318,6 +318,10 @@ type HostedControlPlaneStatus struct {

// NodeCount tracks the number of nodes in the HostedControlPlane.
NodeCount *int `json:"nodeCount,omitempty"`

// OldestKubeletVersion tracks the oldest kubelet version in a hosted cluster
Copy link
Member

@enxebre enxebre Nov 5, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This must be behind the featuregate marker and we will want the same feature gated field within the the HostedCluster. So we can bubble it up. HCP is an imple detail. HC is consumer facing.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm curious what you're imagining the data flow to be. kubelet versions -> HostedCluster -> HostedControlPlane, or kubelet versions -> HostedControlPlane -> Hosted Cluster or kubelet versions -> HostedCluster ; kubelet versions - > HostedControlPlane

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I'm confused why we need to involve the HostedCluster object at all here. HCP has the client connection and has the oldestKubeletVersion field, so it can validate the minimumKubeletversion and set a condition on the HCP object. It seems to me that when HCP condition is set, that will bubble up to the HC object which will then get exposed. Why do we need an additional field + additional controller for that field and potentially duplicate the checks

// +openshift:enable:FeatureGate=MinimumKubeletVersion
OldestKubeletVersion *string `json:"oldestKubeletVersion,omitempty"`
}

type APIEndpoint struct {
Expand Down
4 changes: 4 additions & 0 deletions api/hypershift/v1beta1/hostedcluster_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1414,6 +1414,10 @@ type HostedClusterStatus struct {
// Platform contains platform-specific status of the HostedCluster
// +optional
Platform *PlatformStatus `json:"platform,omitempty"`

// OldestKubeletVersion tracks the oldest kubelet version in a hosted cluster
// +openshift:enable:FeatureGate=MinimumKubeletVersion
OldestKubeletVersion *string `json:"oldestKubeletVersion,omitempty"`
}

// PlatformStatus contains platform-specific status
Expand Down
10 changes: 10 additions & 0 deletions api/hypershift/v1beta1/zz_generated.deepcopy.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

600 changes: 451 additions & 149 deletions ...turegated-crd-manifests/hostedclusters.hypershift.openshift.io/MinimumKubeletVersion.yaml
View file
Open in desktop

Large diffs are not rendered by default.

373 changes: 298 additions & 75 deletions ...ated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/MinimumKubeletVersion.yaml
View file
Open in desktop

Large diffs are not rendered by default.

9 changes: 9 additions & 0 deletions client/applyconfiguration/hypershift/v1beta1/clusterconfiguration.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 9 additions & 0 deletions client/applyconfiguration/hypershift/v1beta1/hostedclusterstatus.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 9 additions & 0 deletions client/applyconfiguration/hypershift/v1beta1/hostedcontrolplanestatus.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

25 changes: 25 additions & 0 deletions ...ts/hypershift-operator/zz_generated.crd-manifests/hostedclusters-CustomNoUpgrade.crd.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1642,6 +1642,27 @@ spec:
- v2
- ""
type: string
minimumKubeletVersion:
description: |-
minimumKubeletVersion is the lowest version of a kubelet that can join the cluster.
Specifically, the apiserver will deny most authorization requests of kubelets that are older
than the specified version, only allowing the kubelet to get and update its node object, and perform
subjectaccessreviews.
This means any kubelet that attempts to join the cluster will not be able to run any assigned workloads,
and will eventually be marked as not ready.
Its max length is 8, so maximum version allowed is either "9.999.99" or "99.99.99".
Since the kubelet reports the version of the kubernetes release, not Openshift, this field references
the underlying kubernetes version this version of Openshift is based off of.
In other words: if an admin wishes to ensure no nodes run an older version than Openshift 4.17, then
they should set the minimumKubeletVersion to 1.30.0.
When comparing versions, the kubelet's version is stripped of any contents outside of major.minor.patch version.
Thus, a kubelet with version "1.0.0-ec.0" will be compatible with minimumKubeletVersion "1.0.0" or earlier.
maxLength: 8
type: string
x-kubernetes-validations:
- message: minmumKubeletVersion must be in a semver compatible
format of x.y.z, or empty
rule: self == "" || self.matches('^[0-9]*.[0-9]*.[0-9]*$')
workerLatencyProfile:
description: |-
WorkerLatencyProfile determins the how fast the kubelet is updating
Expand Down Expand Up @@ -5421,6 +5442,10 @@ spec:
with the name of an identity provider defined on the HostedCluster.
This is populated after the infrastructure is ready.
type: string
oldestKubeletVersion:
description: OldestKubeletVersion tracks the oldest kubelet version
in a hosted cluster
type: string
payloadArch:
description: |-
payloadArch represents the CPU architecture type of the HostedCluster.Spec.Release.Image. The valid values are:
Expand Down
25 changes: 25 additions & 0 deletions ...pershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-CustomNoUpgrade.crd.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1599,6 +1599,27 @@ spec:
- v2
- ""
type: string
minimumKubeletVersion:
description: |-
minimumKubeletVersion is the lowest version of a kubelet that can join the cluster.
Specifically, the apiserver will deny most authorization requests of kubelets that are older
than the specified version, only allowing the kubelet to get and update its node object, and perform
subjectaccessreviews.
This means any kubelet that attempts to join the cluster will not be able to run any assigned workloads,
and will eventually be marked as not ready.
Its max length is 8, so maximum version allowed is either "9.999.99" or "99.99.99".
Since the kubelet reports the version of the kubernetes release, not Openshift, this field references
the underlying kubernetes version this version of Openshift is based off of.
In other words: if an admin wishes to ensure no nodes run an older version than Openshift 4.17, then
they should set the minimumKubeletVersion to 1.30.0.
When comparing versions, the kubelet's version is stripped of any contents outside of major.minor.patch version.
Thus, a kubelet with version "1.0.0-ec.0" will be compatible with minimumKubeletVersion "1.0.0" or earlier.
maxLength: 8
type: string
x-kubernetes-validations:
- message: minmumKubeletVersion must be in a semver compatible
format of x.y.z, or empty
rule: self == "" || self.matches('^[0-9]*.[0-9]*.[0-9]*$')
workerLatencyProfile:
description: |-
WorkerLatencyProfile determins the how fast the kubelet is updating
Expand Down Expand Up @@ -5265,6 +5286,10 @@ spec:
with the name of an identity provider defined on the HostedCluster.
This is populated after the infrastructure is ready.
type: string
oldestKubeletVersion:
description: OldestKubeletVersion tracks the oldest kubelet version
in a hosted cluster
type: string
platform:
description: Platform contains platform-specific status of the HostedCluster
properties:
Expand Down
22 changes: 22 additions & 0 deletions docs/content/reference/api.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5479,6 +5479,17 @@ PlatformStatus
<p>Platform contains platform-specific status of the HostedCluster</p>
</td>
</tr>
<tr>
<td>
<code>oldestKubeletVersion</code></br>
<em>
string
</em>
</td>
<td>
<p>OldestKubeletVersion tracks the oldest kubelet version in a hosted cluster</p>
</td>
</tr>
</tbody>
</table>
###HostedControlPlaneSpec { #hypershift.openshift.io/v1beta1.HostedControlPlaneSpec }
Expand Down Expand Up @@ -6126,6 +6137,17 @@ int
<p>NodeCount tracks the number of nodes in the HostedControlPlane.</p>
</td>
</tr>
<tr>
<td>
<code>oldestKubeletVersion</code></br>
<em>
string
</em>
</td>
<td>
<p>OldestKubeletVersion tracks the oldest kubelet version in a hosted cluster</p>
</td>
</tr>
</tbody>
</table>
###IBMCloudKMSAuthSpec { #hypershift.openshift.io/v1beta1.IBMCloudKMSAuthSpec }
Expand Down
4 changes: 4 additions & 0 deletions vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/hosted_controlplane.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 4 additions & 0 deletions vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/hostedcluster_types.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 10 additions & 0 deletions vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/zz_generated.deepcopy.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.