fix feature-gates removed in k8s v1.25.x

Signed-off-by: 24sama <jacksama@foxmail.com>
2025-12-26 01:22:51 +00:00 · 2022-11-10 11:16:06 +08:00 · 2022-11-10 11:16:06 +08:00 · b5990f4298
parent b9866aa5c5
commit b5990f4298
6 changed files with 62 additions and 32 deletions
--- a/cmd/kk/pkg/bootstrap/confirm/tasks.go
+++ b/cmd/kk/pkg/bootstrap/confirm/tasks.go
@ -125,6 +125,10 @@ func (i *InstallationConfirm) Execute(runtime connector.Runtime) error {
 		os.Exit(1)
 	}

+	if i.KubeConf.Arg.SkipConfirmCheck {
+		return nil
+	}
+
 	confirmOK := false
 	for !confirmOK {
 		fmt.Printf("Continue this installation? [yes/no]: ")
--- a/cmd/kk/pkg/images/tasks.go
+++ b/cmd/kk/pkg/images/tasks.go
@ -23,17 +23,17 @@ import (
 	"path/filepath"
 	"strings"

-	manifesttypes "github.com/estesp/manifest-tool/v2/pkg/types"
-	coreutil "github.com/kubesphere/kubekey/cmd/kk/pkg/core/util"
-	"github.com/kubesphere/kubekey/cmd/kk/pkg/registry"
-
 	manifestregistry "github.com/estesp/manifest-tool/v2/pkg/registry"
+	manifesttypes "github.com/estesp/manifest-tool/v2/pkg/types"
+	"github.com/pkg/errors"
+	versionutil "k8s.io/apimachinery/pkg/util/version"
+
 	kubekeyv1alpha2 "github.com/kubesphere/kubekey/cmd/kk/apis/kubekey/v1alpha2"
 	"github.com/kubesphere/kubekey/cmd/kk/pkg/common"
 	"github.com/kubesphere/kubekey/cmd/kk/pkg/core/connector"
 	"github.com/kubesphere/kubekey/cmd/kk/pkg/core/logger"
-	"github.com/pkg/errors"
-	versionutil "k8s.io/apimachinery/pkg/util/version"
+	coreutil "github.com/kubesphere/kubekey/cmd/kk/pkg/core/util"
+	"github.com/kubesphere/kubekey/cmd/kk/pkg/registry"
 )

 type PullImage struct {
@ -97,6 +97,10 @@ func GetImage(runtime connector.ModuleRuntime, kubeConf *common.KubeConf, name s
 		pauseTag = "3.7"
 		corednsTag = "1.8.6"
 	}
+	if versionutil.MustParseSemantic(kubeConf.Cluster.Kubernetes.Version).AtLeast(versionutil.MustParseSemantic("v1.25.0")) {
+		pauseTag = "3.8"
+		corednsTag = "1.9.3"
+	}

 	logger.Log.Debugf("pauseTag: %s, corednsTag: %s", pauseTag, corednsTag)

--- a/cmd/kk/pkg/kubernetes/tasks.go
+++ b/cmd/kk/pkg/kubernetes/tasks.go
@ -26,8 +26,6 @@ import (
 	"strings"
 	"time"

-	"github.com/kubesphere/kubekey/cmd/kk/pkg/etcd"
-
 	"github.com/pkg/errors"
 	corev1 "k8s.io/api/core/v1"
 	kubeerrors "k8s.io/apimachinery/pkg/api/errors"
@ -44,6 +42,7 @@ import (
 	"github.com/kubesphere/kubekey/cmd/kk/pkg/core/prepare"
 	"github.com/kubesphere/kubekey/cmd/kk/pkg/core/task"
 	"github.com/kubesphere/kubekey/cmd/kk/pkg/core/util"
+	"github.com/kubesphere/kubekey/cmd/kk/pkg/etcd"
 	"github.com/kubesphere/kubekey/cmd/kk/pkg/files"
 	"github.com/kubesphere/kubekey/cmd/kk/pkg/images"
 	"github.com/kubesphere/kubekey/cmd/kk/pkg/kubernetes/templates"
@ -250,7 +249,7 @@ func (g *GenerateKubeadmConfig) Execute(runtime connector.Runtime) error {
 		}

 		_, ApiServerArgs := util.GetArgs(v1beta2.GetApiServerArgs(g.WithSecurityEnhancement), g.KubeConf.Cluster.Kubernetes.ApiServerArgs)
-		_, ControllerManagerArgs := util.GetArgs(v1beta2.GetControllermanagerArgs(g.WithSecurityEnhancement), g.KubeConf.Cluster.Kubernetes.ControllerManagerArgs)
+		_, ControllerManagerArgs := util.GetArgs(v1beta2.GetControllermanagerArgs(g.KubeConf.Cluster.Kubernetes.Version, g.WithSecurityEnhancement), g.KubeConf.Cluster.Kubernetes.ControllerManagerArgs)
 		_, SchedulerArgs := util.GetArgs(v1beta2.GetSchedulerArgs(g.WithSecurityEnhancement), g.KubeConf.Cluster.Kubernetes.SchedulerArgs)

 		checkCgroupDriver, err := v1beta2.GetKubeletCgroupDriver(runtime, g.KubeConf)
--- a/cmd/kk/pkg/kubernetes/templates/v1beta2/kubeadm_config.go
+++ b/cmd/kk/pkg/kubernetes/templates/v1beta2/kubeadm_config.go
@ -188,15 +188,15 @@ var (
 		"tls-cipher-suites":      "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
 	}
 	ControllermanagerArgs = map[string]string{
-		"bind-address":                          "0.0.0.0",
-		"experimental-cluster-signing-duration": "87600h",
+		"bind-address":             "0.0.0.0",
+		"cluster-signing-duration": "87600h",
 	}
 	ControllermanagerSecurityArgs = map[string]string{
-		"bind-address":                          "127.0.0.1",
-		"experimental-cluster-signing-duration": "87600h",
-		"profiling":                             "false",
-		"terminated-pod-gc-threshold":           "50",
-		"use-service-account-credentials":       "true",
+		"bind-address":                    "127.0.0.1",
+		"cluster-signing-duration":        "87600h",
+		"profiling":                       "false",
+		"terminated-pod-gc-threshold":     "50",
+		"use-service-account-credentials": "true",
 	}
 	SchedulerArgs = map[string]string{
 		"bind-address": "0.0.0.0",
@ -214,11 +214,19 @@ func GetApiServerArgs(securityEnhancement bool) map[string]string {
 	return ApiServerArgs
 }

-func GetControllermanagerArgs(securityEnhancement bool) map[string]string {
+func GetControllermanagerArgs(version string, securityEnhancement bool) map[string]string {
+	var args map[string]string
 	if securityEnhancement {
-		return ControllermanagerSecurityArgs
+		args = copyStringMap(ControllermanagerSecurityArgs)
+	} else {
+		args = copyStringMap(ControllermanagerArgs)
 	}
-	return ControllermanagerArgs
+
+	if versionutil.MustParseSemantic(version).LessThan(versionutil.MustParseSemantic("1.19.0")) {
+		delete(args, "cluster-signing-duration")
+		args["experimental-cluster-signing-duration"] = "87600h"
+	}
+	return args
 }

 func GetSchedulerArgs(securityEnhancement bool) map[string]string {
@ -229,12 +237,6 @@ func GetSchedulerArgs(securityEnhancement bool) map[string]string {
 }

 func UpdateFeatureGatesConfiguration(args map[string]string, kubeConf *common.KubeConf) map[string]string {
-	// When kubernetes version is less than 1.21,`CSIStorageCapacity` should not be set.
-	cmp, _ := versionutil.MustParseSemantic(kubeConf.Cluster.Kubernetes.Version).Compare("v1.21.0")
-	if cmp == -1 {
-		delete(FeatureGatesDefaultConfiguration, "CSIStorageCapacity")
-	}
-
 	var featureGates []string

 	for k, v := range kubeConf.Cluster.Kubernetes.FeatureGates {
@ -242,6 +244,16 @@ func UpdateFeatureGatesConfiguration(args map[string]string, kubeConf *common.Ku
 	}

 	for k, v := range FeatureGatesDefaultConfiguration {
+		// When kubernetes version is less than 1.21,`CSIStorageCapacity` should not be set.
+		if k == "CSIStorageCapacity" &&
+			versionutil.MustParseSemantic(kubeConf.Cluster.Kubernetes.Version).LessThan(versionutil.MustParseSemantic("v1.21.0")) {
+			continue
+		}
+		if k == "TTLAfterFinished" &&
+			versionutil.MustParseSemantic(kubeConf.Cluster.Kubernetes.Version).AtLeast(versionutil.MustParseSemantic("v1.24.0")) {
+			continue
+		}
+
 		if _, ok := kubeConf.Cluster.Kubernetes.FeatureGates[k]; !ok {
 			featureGates = append(featureGates, fmt.Sprintf("%s=%v", k, v))
 		}
@ -343,13 +355,15 @@ func GetKubeletConfiguration(runtime connector.Runtime, kubeConf *common.KubeCon
 	}

 	if featureGates, ok := kubeletConfiguration["featureGates"].(map[string]bool); ok {
-		for k, v := range kubeConf.Cluster.Kubernetes.FeatureGates {
-			if _, ok := featureGates[k]; !ok {
-				featureGates[k] = v
-			}
+		if versionutil.MustParseSemantic(kubeConf.Cluster.Kubernetes.Version).LessThan(versionutil.MustParseSemantic("v1.21.0")) {
+			delete(featureGates, "CSIStorageCapacity")
 		}

-		for k, v := range FeatureGatesDefaultConfiguration {
+		if versionutil.MustParseSemantic(kubeConf.Cluster.Kubernetes.Version).AtLeast(versionutil.MustParseSemantic("v1.24.0")) {
+			delete(featureGates, "TTLAfterFinished")
+		}
+
+		for k, v := range kubeConf.Cluster.Kubernetes.FeatureGates {
 			if _, ok := featureGates[k]; !ok {
 				featureGates[k] = v
 			}
@ -433,3 +447,12 @@ func GetKubeProxyConfiguration(kubeConf *common.KubeConf) map[string]interface{}

 	return kubeProxyConfiguration
 }
+
+func copyStringMap(m map[string]string) map[string]string {
+	cp := make(map[string]string)
+	for k, v := range m {
+		cp[k] = v
+	}
+
+	return cp
+}
--- a/cmd/kk/pkg/pipelines/add_nodes.go
+++ b/cmd/kk/pkg/pipelines/add_nodes.go
@ -47,7 +47,7 @@ func NewAddNodesPipeline(runtime *common.KubeRuntime) error {
 	m := []module.Module{
 		&precheck.GreetingsModule{},
 		&precheck.NodePreCheckModule{},
-		&confirm.InstallConfirmModule{Skip: runtime.Arg.SkipConfirmCheck},
+		&confirm.InstallConfirmModule{},
 		&artifact.UnArchiveModule{Skip: noArtifact},
 		&os.RepositoryModule{Skip: noArtifact || !runtime.Arg.InstallPackages},
 		&binaries.NodeBinariesModule{},
--- a/cmd/kk/pkg/pipelines/create_cluster.go
+++ b/cmd/kk/pkg/pipelines/create_cluster.go
@ -59,7 +59,7 @@ func NewCreateClusterPipeline(runtime *common.KubeRuntime) error {
 	m := []module.Module{
 		&precheck.GreetingsModule{},
 		&precheck.NodePreCheckModule{},
-		&confirm.InstallConfirmModule{Skip: runtime.Arg.SkipConfirmCheck},
+		&confirm.InstallConfirmModule{},
 		&artifact.UnArchiveModule{Skip: noArtifact},
 		&os.RepositoryModule{Skip: noArtifact || !runtime.Arg.InstallPackages},
 		&binaries.NodeBinariesModule{},