diff --git a/pkg/cluster/internal/create/actions/config/config.go b/pkg/cluster/internal/create/actions/config/config.go index 76fe2c31a5..d17a77b7ea 100644 --- a/pkg/cluster/internal/create/actions/config/config.go +++ b/pkg/cluster/internal/create/actions/config/config.go @@ -176,6 +176,9 @@ func getKubeadmConfig(cfg *config.Cluster, data kubeadm.ConfigData, node nodes.N } data.KubernetesVersion = kubeVersion + // TODO: remove this once versions older that v1.18 are deprecated + // since k/k v1.18 all kubernetes components are able to autodetect the ip address + // get the node ip address nodeAddress, nodeAddressIPv6, err := node.IP() if err != nil { diff --git a/pkg/cluster/internal/kubeadm/config.go b/pkg/cluster/internal/kubeadm/config.go index ad6a34c204..10306712a9 100644 --- a/pkg/cluster/internal/kubeadm/config.go +++ b/pkg/cluster/internal/kubeadm/config.go @@ -437,6 +437,110 @@ metadata: name: config ` +// ConfigTemplateV118BetaV2 is the kubadm config template for API version v1beta2 and k8s > v1.18 +const ConfigTemplateV118BetaV2 = `# config generated by kind +apiVersion: kubeadm.k8s.io/v1beta2 +kind: ClusterConfiguration +metadata: + name: config +kubernetesVersion: {{.KubernetesVersion}} +clusterName: "{{.ClusterName}}" +controlPlaneEndpoint: "{{ .ControlPlaneEndpoint }}" +# on docker for mac we have to expose the api server via port forward, +# so we need to ensure the cert is valid for localhost so we can talk +# to the cluster after rewriting the kubeconfig to point to localhost +apiServer: + certSANs: [localhost, "{{.APIServerAddress}}"] +controllerManager: + extraArgs: + enable-hostpath-provisioner: "true" + # configure ipv6 default addresses for IPv6 clusters + {{ if .IPv6 -}} + bind-address: "::1" + {{- end }} +scheduler: + extraArgs: + # configure ipv6 default addresses for IPv6 clusters + {{ if .IPv6 -}} + bind-address: "::1" + {{- end }} +networking: + podSubnet: "{{ .PodSubnet }}" + serviceSubnet: "{{ .ServiceSubnet }}" +--- +apiVersion: kubeadm.k8s.io/v1beta2 +kind: InitConfiguration +metadata: + name: config +# we use a well know token for TLS bootstrap +bootstrapTokens: +- token: "{{ .Token }}" +# we use a well know port for making the API server discoverable inside docker network. +# from the host machine such port will be accessible via a random local port instead. +localAPIEndpoint: + {{ if .IPv6 -}} + advertiseAddress: "::" + {{- end }} + bindPort: {{.APIBindPort}} +nodeRegistration: + criSocket: "/run/containerd/containerd.sock" + kubeletExtraArgs: + fail-swap-on: "false" + {{ if .IPv6 -}} + node-ip: "::" + {{- end }} +--- +# no-op entry that exists solely so it can be patched +apiVersion: kubeadm.k8s.io/v1beta2 +kind: JoinConfiguration +metadata: + name: config +{{ if .ControlPlane -}} +controlPlane: + localAPIEndpoint: + {{ if .IPv6 -}} + advertiseAddress: "::" + {{- end }} + bindPort: {{.APIBindPort}} +{{- end }} +nodeRegistration: + criSocket: "/run/containerd/containerd.sock" + kubeletExtraArgs: + fail-swap-on: "false" + {{ if .IPv6 -}} + node-ip: "::" + {{- end }} +discovery: + bootstrapToken: + apiServerEndpoint: "{{ .ControlPlaneEndpoint }}" + token: "{{ .Token }}" + unsafeSkipCAVerification: true +--- +apiVersion: kubelet.config.k8s.io/v1beta1 +kind: KubeletConfiguration +metadata: + name: config +# configure ipv6 addresses in IPv6 mode +{{ if .IPv6 -}} +address: "::" +healthzBindAddress: "::" +{{- end }} +# disable disk resource management by default +# kubelet will see the host disk that the inner container runtime +# is ultimately backed by and attempt to recover disk space. we don't want that. +imageGCHighThresholdPercent: 100 +evictionHard: + nodefs.available: "0%" + nodefs.inodesFree: "0%" + imagefs.available: "0%" +--- +# no-op entry that exists solely so it can be patched +apiVersion: kubeproxy.config.k8s.io/v1alpha1 +kind: KubeProxyConfiguration +metadata: + name: config +` + // Config returns a kubeadm config generated from config data, in particular // the kubernetes version func Config(data ConfigData) (config string, err error) { @@ -446,13 +550,15 @@ func Config(data ConfigData) (config string, err error) { } // assume the latest API version, then fallback if the k8s version is too low - templateSource := ConfigTemplateBetaV2 + templateSource := ConfigTemplateV118BetaV2 if ver.LessThan(version.MustParseSemantic("v1.12.0")) { templateSource = ConfigTemplateAlphaV2 } else if ver.LessThan(version.MustParseSemantic("v1.13.0")) { templateSource = ConfigTemplateAlphaV3 } else if ver.LessThan(version.MustParseSemantic("v1.15.0")) { templateSource = ConfigTemplateBetaV1 + } else if ver.LessThan(version.MustParseSemantic("v1.18.0")) { + templateSource = ConfigTemplateBetaV2 } t, err := template.New("kubeadm-config").Parse(templateSource)