-
Notifications
You must be signed in to change notification settings - Fork 6.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Swap roles kubespray-defaults & bootstrap-os #11441
Conversation
Hi @huangkevin404. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
/ok-to-test |
If we are confident that the automated tests have sufficient coverage, I updated the docs to reflect that bootstrap-os no longer needs kubespray-defaults. |
I have done quite a bit of refactoring of bootstrap-os some time ago, so it's possible the requirements is gone without we noticing. OTOH:
This should not be the case because of this in the bootstrap role kubespray/roles/kubespray-defaults/tasks/main.yaml Lines 1 to 19 in 1798989
I'm not sure what exactly led to that implementation, but it's not ideal. Could you add a commit to remove the check for boostrap-os in kubespray-defaults, since it should not be needed after the reordering ? |
Are you suggesting that we should remove this check ? kubespray/roles/kubespray-defaults/tasks/main.yaml Lines 4 to 7 in 1798989
From what I understand, this check could still be useful if someone ever calls the kubespray-defaults role without calling bootstrap-os (which does seems to happen, for example in the recover_control_plane playbook). But you might be more familiar with this check than me. |
Actually, this check if for avoiding doing stuff which require that bootstrap-os has been run before, and it's only needed once (because all other invocation of kubespray-defaults are afterwards, and bootstrap has already run). Since bootstrap does not need kubespray-defaults AFAICT, reordering means than kubespray defaults will always runs after bootstrap, thus we can drop the check. EDIT: I suggest you specify that you squash your two commits together, and explain in the commit message that the kubespray-defaults requirements of bootstrap-os is now gone. |
e4a323c
to
7c7f87d
Compare
Thanks for the explanation @VannTen ! |
Can you properly separate the title of your commit from the message please ? |
- Execute boostrap-os before so that Python is installed for kubespray-defaults - Remove outdated kubespray-defaults dependency on boostrap-os
7c7f87d
to
7fb8b2f
Compare
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: huangkevin404, VannTen The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/retest-failed
|
1 similar comment
/retest-failed |
/retest
|
commit 656ed79 Author: janosbabik <143906591+janosbabik@users.noreply.github.com> Date: Thu Sep 26 10:12:01 2024 +0200 [etcd] make etcd 3.5.16 default (kubernetes-sigs#11572) * [etcd] make etcd 3.5.16 default * Update etcd binary checksums for version 3.5.16 and lower commit e355bef Author: Bakke <luringens@protonmail.com> Date: Thu Sep 26 07:22:02 2024 +0000 fix: vsphere image repositories, tags and docs (kubernetes-sigs#11564) The old repository for these has been deleted, leaving the previous configuration not possible to deploy, and even currently running clusters fail after a restart as the DeameonSet has ImagePullPolicy: Always. More details can be found here: kubernetes-sigs/vsphere-csi-driver#3053 As of writing, only CSI driver versions 3.1.2 to 3.3.1 is available in this registry. This "officially" supports Kubernetes 1.26 to 1.30. Since older drivers are not available, I have removed some feature-gating for those unavailable versions while I was at it. For the cloud provider, the `latest` image is now missing, and only 1.28.0 to 1.31.0 are available. I've set the latest of these as the new default. I also updated the documented default versions, as they were all out of date and not aligned with actual code defaults. commit 15bb5b0 Author: Philip Sabri <Philipsabri@gmail.com> Date: Wed Sep 25 06:10:01 2024 +0200 [kubernetes] Support kubernetes 1.31.1 (kubernetes-sigs#11533) commit ebdc599 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Sep 24 02:52:00 2024 +0100 Bump tox from 4.18.1 to 4.20.0 (kubernetes-sigs#11562) Bumps [tox](https://github.com/tox-dev/tox) from 4.18.1 to 4.20.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@4.18.1...4.20.0) --- updated-dependencies: - dependency-name: tox dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 1c0718b Author: Baargav <baargavrag@gmail.com> Date: Mon Sep 23 10:31:59 2024 -0400 update containerd 1.7.22 (kubernetes-sigs#11554) commit 03a055c Merge: e9d406e fe60832 Author: Kubernetes Prow Robot <20407524+k8s-ci-robot@users.noreply.github.com> Date: Mon Sep 23 14:16:00 2024 +0100 Merge pull request kubernetes-sigs#10643 from VannTen/cleanup/k8s_node_templates Refactor kubernetes/node templates commit e9d406e Merge: 99c6a88 1818993 Author: Kubernetes Prow Robot <20407524+k8s-ci-robot@users.noreply.github.com> Date: Mon Sep 23 10:08:00 2024 +0100 Merge pull request kubernetes-sigs#11559 from VannTen/cleanup/less_inventory_boilerplate Only require minimum structure in inventory, compute the rest commit 99c6a88 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Sep 23 09:32:00 2024 +0100 Bump ansible-lint from 24.9.0 to 24.9.2 (kubernetes-sigs#11563) Bumps [ansible-lint](https://github.com/ansible/ansible-lint) from 24.9.0 to 24.9.2. - [Release notes](https://github.com/ansible/ansible-lint/releases) - [Commits](ansible/ansible-lint@v24.9.0...v24.9.2) --- updated-dependencies: - dependency-name: ansible-lint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 1818993 Author: Max Gautier <mg@max.gautier.name> Date: Sat Sep 21 15:10:59 2024 +0200 CI: for upgrade testing, checkout old version before provisioning Otherwise, modifying the test inventory + it's expected structure will always fail. commit 88b6f08 Author: Max Gautier <mg@max.gautier.name> Date: Sat Sep 21 14:33:45 2024 +0200 Documentation of k8s_cluster auto-defined Also remove the group from the example inventory, since it should not be needed anymore. commit 7580e59 Author: Max Gautier <mg@max.gautier.name> Date: Sat Sep 21 14:16:17 2024 +0200 Define k8s_cluster dynamically This allows inventories to not define the k8s_cluster group manually. commit 2ec1c93 Author: Max Gautier <mg@max.gautier.name> Date: Sat Sep 21 14:09:09 2024 +0200 Test group membership with group_names Testing for group membership with group names makes Kubespray more tolerant towards the structure of the inventory. Where 'inventory_hostname in groups["some_group"] would fail if "some_group" is not defined, '"some_group" in group_names' would not. commit 89ff071 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri Sep 20 10:45:58 2024 +0100 Bump ansible-lint from 24.7.0 to 24.9.0 (kubernetes-sigs#11541) Bumps [ansible-lint](https://github.com/ansible/ansible-lint) from 24.7.0 to 24.9.0. - [Release notes](https://github.com/ansible/ansible-lint/releases) - [Commits](ansible/ansible-lint@v24.7.0...v24.9.0) --- updated-dependencies: - dependency-name: ansible-lint dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 1fa4bb7 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri Sep 20 09:33:39 2024 +0100 Bump ansible from 9.8.0 to 9.10.0 (kubernetes-sigs#11540) Bumps [ansible](https://github.com/ansible-community/ansible-build-data) from 9.8.0 to 9.10.0. - [Changelog](https://github.com/ansible-community/ansible-build-data/blob/main/docs/release-process.md) - [Commits](ansible-community/ansible-build-data@9.8.0...9.10.0) --- updated-dependencies: - dependency-name: ansible dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 93ee122 Merge: 4323e5d d54356e Author: Kubernetes Prow Robot <20407524+k8s-ci-robot@users.noreply.github.com> Date: Fri Sep 20 01:05:14 2024 +0100 Merge pull request kubernetes-sigs#11521 from VannTen/cleanup/deduplicate_kubeadm_control_plane Use in inventory variables rather than patch files for kubeadm_patches commit 4323e5d Author: Leeon Fu <48649837+leeonfu@users.noreply.github.com> Date: Fri Sep 20 02:14:37 2024 +0800 Reset operation, disable service enabled and clean container's logs. (kubernetes-sigs#11501) commit 1636979 Merge: 893e9cb 4bf2d7a Author: Kubernetes Prow Robot <20407524+k8s-ci-robot@users.noreply.github.com> Date: Thu Sep 19 13:46:45 2024 +0100 Merge pull request kubernetes-sigs#11527 from VannTen/feat/vagrant_multi_inv Cleanup Vagrantfile and allow to use multiples inventories commit 893e9cb Merge: 76c42b4 5b057c7 Author: Kubernetes Prow Robot <20407524+k8s-ci-robot@users.noreply.github.com> Date: Wed Sep 18 13:18:44 2024 +0100 Merge pull request kubernetes-sigs#11471 from VannTen/feat/config_plugin_list Update the list of admission plugins which needs config commit 76c42b4 Author: Max Gautier <mg@max.gautier.name> Date: Wed Sep 18 14:04:50 2024 +0200 CI: cleanup '-scale' tests infra (kubernetes-sigs#11535) There is actually no test using this since ad6fece, so there is no reason to keep that infra in our tests scripts. commit b3b0077 Author: Max Gautier <mg@max.gautier.name> Date: Wed Sep 18 14:04:44 2024 +0200 Remove unused test infrastructure (kubernetes-sigs#11529) These two files haven't been touched since 2016 and don't appear to be referenced anywhere else commit e550118 Author: Qasim Mehmood <18313886+ThisIsQasim@users.noreply.github.com> Date: Wed Sep 18 15:54:44 2024 +0500 Allow setting annotations on ingress-nginx service (kubernetes-sigs#11544) commit c3de25c Author: Max Gautier <mg@max.gautier.name> Date: Wed Sep 18 02:34:45 2024 +0200 Move the CRI endpoint setting to kubelet config (kubernetes-sigs#11550) The `--container-runtime-endpoint` kubelet argument is deprecated in favor of the config file alternative. commit 59dd713 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Sep 16 08:31:14 2024 +0100 Bump molecule from 24.8.0 to 24.9.0 (kubernetes-sigs#11542) Bumps [molecule](https://github.com/ansible-community/molecule) from 24.8.0 to 24.9.0. - [Release notes](https://github.com/ansible-community/molecule/releases) - [Commits](ansible/molecule@v24.8.0...v24.9.0) --- updated-dependencies: - dependency-name: molecule dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit e5d2452 Author: Kay Yan <kay.yan@daocloud.io> Date: Sun Sep 15 20:59:13 2024 +0800 fix elastx cleanup security groups (kubernetes-sigs#11411) commit 8cb081a Author: ChengHao Yang <17496418+tico88612@users.noreply.github.com> Date: Sun Sep 15 00:35:13 2024 +0800 Fix: download hash crictl link (kubernetes-sigs#11534) Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com> commit 4bf2d7a Author: Max Gautier <mg@max.gautier.name> Date: Thu Sep 12 16:44:30 2024 +0200 Rework vagrant documentation - Use proper syntax highlighting for config.rb examples - Consistent shell style ($ as prompt) - Use only one way to do things - Remove OS specific details commit 1e769b7 Author: Max Gautier <mg@max.gautier.name> Date: Thu Sep 12 13:56:12 2024 +0200 Rework vagrant inventory handling + support for multiples inventories The current way to handle a custom inventory in vagrant is a bit hackish, copy files around and can break Vagrantfile parsing in cornercase scenarios (removing vagrant inventories, or the inventory copied into vagrant inventory). Instead, simply pass additional inventories to the ansible-playbook command lines as raw arguments with `-i`. This also makes supporting multiples inventories trivial, so we add a new `$inventories` variable for that purpose. commit 8d8d063 Author: Max Gautier <mg@max.gautier.name> Date: Fri Sep 13 03:31:12 2024 +0000 Remove useless file (kubernetes-sigs#11526) This was somehow copied from vagrant docs, not sure why it's there... commit c601c8f Author: Kevin Huang <git@kevin.huang.to> Date: Thu Sep 12 23:21:12 2024 +0200 fix: Swap kubespray-defaults & boostrap-os (kubernetes-sigs#11441) - Execute boostrap-os before so that Python is installed for kubespray-defaults - Remove outdated kubespray-defaults dependency on boostrap-os commit 5ae433b Author: Max Gautier <mg@max.gautier.name> Date: Thu Sep 12 10:01:13 2024 +0000 Remove refs to rhel7 in Vagrantfile (kubernetes-sigs#11525) commit d54356e Author: Max Gautier <mg@max.gautier.name> Date: Tue Sep 10 17:38:56 2024 +0200 Add testcase for kubeadm_patches commit c87097f Author: Max Gautier <mg@max.gautier.name> Date: Tue Sep 10 17:34:04 2024 +0200 Document how to use kubeadm patches commit 4e6ae04 Merge: d54cfba 230cb37 Author: Kubernetes Prow Robot <20407524+k8s-ci-robot@users.noreply.github.com> Date: Thu Sep 12 06:51:12 2024 +0100 Merge pull request kubernetes-sigs#11513 from VannTen/feat/python_download Refactor and expand download_hash.py commit 8e254ec Author: Max Gautier <mg@max.gautier.name> Date: Tue Sep 10 12:00:26 2024 +0200 kubeadm: allow to provide patch inline in inventories Specifying one directory for kubeadm patches is not ideal: 1. It does not allow working with multiples inventories easily 2. No ansible templating of the patch 3. Ansible path searching can sometimes be confusing Instead, provide the patch directly in a variable, and add some quality of life to handle components targeting and patch ordering more explicitly (`target` and `type` which are translated to the kubeadm scheme which is based on the file name) commit a8b66fd Author: Max Gautier <mg@max.gautier.name> Date: Tue Sep 10 13:43:02 2024 +0200 Deduplicate kubeadm_patches tasks kubernetes/control-plane and kubernetes/kubeadm roles both push kubeadm patches in the same way. Extract that code and make it a dependency of both. This is safe because it's only configuration for kubeadm, which only takes effect when kubeadm is run. commit 230cb37 Author: Max Gautier <mg@max.gautier.name> Date: Sun Sep 8 11:12:24 2024 +0200 download_hash: document usage commit dec4e71 Author: Max Gautier <mg@max.gautier.name> Date: Fri Sep 6 16:21:20 2024 +0200 download_hash: cache request for 'multi-hash' files This avoid re-downloading the same file for different arch and re-parsing it commit 1b1045c Author: Max Gautier <mg@max.gautier.name> Date: Fri Sep 6 15:25:53 2024 +0200 download_hash: use persistent session This allows to reuse http connection and be more efficient. From rough measuring it saves around 25-30% of execution time. commit 86855be Author: Max Gautier <mg@max.gautier.name> Date: Fri Sep 6 10:56:03 2024 +0200 download_hash: document missing support commit b2e64ae Author: Max Gautier <mg@max.gautier.name> Date: Thu Sep 5 17:15:12 2024 +0200 download_hash: support 'multi-hash' components commit a2644c7 Author: Max Gautier <mg@max.gautier.name> Date: Thu Sep 5 16:19:09 2024 +0200 download_hash: add support for 'simple hash' components commit e256f74 Author: Max Gautier <mg@max.gautier.name> Date: Thu Sep 5 16:39:04 2024 +0200 download_hash: propagate new patch versions to all archs commit 2710e98 Author: Max Gautier <mg@max.gautier.name> Date: Thu Sep 5 15:58:36 2024 +0200 download_hash: argument handling with argparse Allow the script to be called with a list of components, to only download new versions checksums for those. By default, we get new versions checksums for all supported (by the script) components. commit da0e445 Author: Max Gautier <mg@max.gautier.name> Date: Fri Feb 2 20:48:08 2024 +0100 download_hash.py: support for 'multi-hash' file + runc runc upstream does not provide one hash file per assets in their releases, but one file with all the hashes. To handle this (and/or any arbitrary format from upstreams), add a dictionary mapping the name of the download to a lambda function which transform the file provided by upstream into a dictionary of hashes, keyed by architecture. commit a761623 Author: Max Gautier <mg@max.gautier.name> Date: Fri Feb 2 16:01:14 2024 +0100 download_hash.py: generalized and data-driven The script is currently limited to one hardcoded URL for kubernetes related binaries, and a fixed set of architectures. The solution is three-fold: 1. Use an url template dictionary for each download -> this allow to easily add support for new downloads. 2. Source the architectures to search from the existing data 3. Enumerate the existing versions in the data and start searching from the last one until no newer version is found (newer in the version order sense, irrespective of actual age) commit fe60832 Author: Max Gautier <mg@max.gautier.name> Date: Thu Nov 23 21:13:55 2023 +0100 Remove kubelet_node_{custom_flags,config_extra_args} There is no need to have an extra variables for this, just use different values per host (using Ansible group_vars, for example) commit 1bc61c9 Author: Max Gautier <mg@max.gautier.name> Date: Thu Nov 23 17:18:47 2023 +0100 Simplify kubelet-config template Remove system|kube_master_<resource>_reserved variables. Those variables are unnecessary because users can simply use the variables in group_vars if they which to differentiate control plane nodes from other nodes. Set conservative defaults for ephemeral-storage and pids for both kube and system reserved resources. commit 872d717 Author: Max Gautier <mg@max.gautier.name> Date: Wed Sep 4 13:44:11 2024 +0200 Add kube|system_reserved CI testing commit 1533d40 Author: Max Gautier <mg@max.gautier.name> Date: Wed Sep 4 14:02:53 2024 +0200 Fix kube_reserved_cgroups_for_service_slice The default value is used across kubespray but only defined in kubernetes/node. Move it to kubespray-defaults commit 5b057c7 Author: Max Gautier <mg@max.gautier.name> Date: Mon Aug 26 14:53:20 2024 +0200 Update list of admission plugins with a config file commit d340273 Author: Max Gautier <mg@max.gautier.name> Date: Mon Aug 26 14:43:00 2024 +0200 Remove special case for PodNodeSelector This is already handled by the previous task. commit 47c3949 Author: Max Gautier <mg@max.gautier.name> Date: Mon Aug 26 14:42:04 2024 +0200 Change plugins_needs_config list format Makes easier diff when adding or removing plugins.
- Execute boostrap-os before so that Python is installed for kubespray-defaults - Remove outdated kubespray-defaults dependency on boostrap-os
What type of PR is this?
/kind bug
What this PR does / why we need it:
When using a Flatcar distribution, Python is not installed by default. This is taken care of by the bootstrap-os role.
We need to have Python to successfully execute the kubespray-defaults role.
This PR makes sure role bootstrap-os executes before role kubespray-defaults. The facts that are set by kubespray-defaults are not used by bootstrap-os, but some variables defined in kubespray-defaults/defaults/main might (the doc hints at this, but I did not manage to find any var that are used). If that is the case, we might need to split kubespray-defaults into two roles, one role that only sets vars, then we run bootstrap-os to install Python, and then execute the second role to set the facts (this needs Python).
Special notes for your reviewer:
Does this PR introduce a user-facing change?: