use patches to patch patchesDirectory

kubernetes · Aug 3, 2021 · a29017a · a29017a
1 parent 11626e7
commit a29017a
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 4 deletions.
diff --git a/kinder/pkg/cluster/manager/actions/kubeadm-config.go b/kinder/pkg/cluster/manager/actions/kubeadm-config.go
@@ -276,6 +276,13 @@ func getKubeadmConfig(c *status.Cluster, n *status.Node, data kubeadm.ConfigData
 		}
 		patches = append(patches, fileDiscoveryPatch)
 
+		// add patches directory to the config
+		patchesDirectoryPatch, err := kubeadm.GetPatchesDirectory(kubeadmConfigVersion)
+		if err != nil {
+			return "", err
+		}
+		patches = append(patches, patchesDirectoryPatch)
+
 		// if the file discovery does not contains the authorization credentials, add tls discovery token
 		if options.discoveryMode == FileDiscoveryWithoutCredentials {
 			tlsBootstrapPatch, err := kubeadm.GetTLSBootstrapPatch(kubeadmConfigVersion)

diff --git a/kinder/pkg/kubeadm/config.go b/kinder/pkg/kubeadm/config.go
@@ -173,8 +173,6 @@ nodeRegistration:
   criSocket: "/run/containerd/containerd.sock"
   kubeletExtraArgs:
     node-ip: "{{ .NodeAddress }}"
-patches:
-  directory: "/kinder/patches"
 ---
 # no-op entry that exists solely so it can be patched
 apiVersion: kubeadm.k8s.io/v1beta2
@@ -196,8 +194,6 @@ discovery:
     apiServerEndpoint: "{{ .ControlPlaneEndpoint }}"
     token: "{{ .Token }}"
     unsafeSkipCAVerification: true
-patches:
-  directory: "/kinder/patches"
 ---
 apiVersion: kubelet.config.k8s.io/v1beta1
 kind: KubeletConfiguration

diff --git a/kinder/pkg/kubeadm/discovery.go b/kinder/pkg/kubeadm/discovery.go
@@ -93,6 +93,39 @@ discovery:
   file:
     kubeConfigPath: %s`
 
+// GetPatchesDirectory returns the kubeadm config patch that will instruct kubeadm
+// to use patches directory.
+func GetPatchesDirectory(kubeadmConfigVersion string) (string, error) {
+	// select the patches for the kubeadm config version
+	log.Debugf("Preparing patchesDirectoryPatch for kubeadm config %s", kubeadmConfigVersion)
+
+	var patch string
+	switch kubeadmConfigVersion {
+	case "v1beta2":
+		patch = patchesDirectoryPatchv1beta2
+	case "v1beta3":
+		patch = patchesDirectoryPatchv1beta3
+	default:
+		return "", errors.Errorf("unknown kubeadm config version: %s", kubeadmConfigVersion)
+	}
+
+	return fmt.Sprintf(patch, constants.PatchesDir), nil
+}
+
+const patchesDirectoryPatchv1beta2 = `apiVersion: kubeadm.k8s.io/v1beta2
+kind: JoinConfiguration
+metadata:
+  name: config
+patches:
+  directory: %s`
+
+const patchesDirectoryPatchv1beta3 = `apiVersion: kubeadm.k8s.io/v1beta3
+kind: JoinConfiguration
+metadata:
+  name: config
+patches:
+  directory: %s`
+
 // GetTLSBootstrapPatch returns the kubeadm config patch that will instruct kubeadm
 // to use a TLSBootstrap token.
 // NB. for sake of semplicity, we are using the same Token already used for Token discovery