Merge pull request #422 from yifan-gu/update_manifests

Yifan Gu · web-flow · commit 6ed1ce9e133b · 2017-04-13T16:33:28.000-07:00
templates.go: Update manifest for Kubernetes 1.6
diff --git a/pkg/asset/internal/templates.go b/pkg/asset/internal/templates.go
@@ -41,12 +41,14 @@ metadata:
   name: kubelet
   namespace: kube-system
   labels:
-    k8s-app: kubelet
+    tier: node
+    component: kubelet
 spec:
   template:
     metadata:
       labels:
-        k8s-app: kubelet
+        tier: node
+        component: kubelet
     spec:
       containers:
       - name: kubelet
@@ -133,12 +135,14 @@ metadata:
   name: kube-apiserver
   namespace: kube-system
   labels:
-    k8s-app: kube-apiserver
+    tier: control-plane
+    component: kube-apiserver
 spec:
   template:
     metadata:
       labels:
-        k8s-app: kube-apiserver
+        tier: control-plane
+        component: kube-apiserver
       annotations:
         checkpointer.alpha.coreos.com/checkpoint: "true"
     spec:
@@ -207,12 +211,14 @@ metadata:
   name: kenc
   namespace: kube-system
   labels:
-    k8s-app: kenc
+    tier: control-plane
+    component: kenc
 spec:
   template:
     metadata:
       labels:
-        k8s-app: kenc
+        tier: control-plane
+        component: kenc
       annotations:
         checkpointer.alpha.coreos.com/checkpoint: "true"
     spec:
@@ -251,12 +257,14 @@ metadata:
   name: pod-checkpointer
   namespace: kube-system
   labels:
-    k8s-app: pod-checkpointer
+    tier: control-plane
+    component: pod-checkpointer
 spec:
   template:
     metadata:
       labels:
-        k8s-app: pod-checkpointer
+        tier: control-plane
+        component: pod-checkpointer
       annotations:
         checkpointer.alpha.coreos.com/checkpoint: "true"
     spec:
@@ -305,13 +313,15 @@ metadata:
   name: kube-controller-manager
   namespace: kube-system
   labels:
-    k8s-app: kube-controller-manager
+    tier: control-plane
+    component: kube-controller-manager
 spec:
   replicas: 2
   template:
     metadata:
       labels:
-        k8s-app: kube-controller-manager
+        tier: control-plane
+        component: kube-controller-manager
     spec:
       nodeSelector:
         master: "true"
@@ -359,21 +369,24 @@ spec:
   minAvailable: 1
   selector:
     matchLabels:
-      k8s-app: kube-controller-manager
+      tier: control-plane
+      component: kube-controller-manager
 `)
 	SchedulerTemplate = []byte(`apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
   name: kube-scheduler
   namespace: kube-system
   labels:
-    k8s-app: kube-scheduler
+    tier: control-plane
+    component: kube-scheduler
 spec:
   replicas: 2
   template:
     metadata:
       labels:
-        k8s-app: kube-scheduler
+        tier: control-plane
+        component: kube-scheduler
     spec:
       nodeSelector:
         master: "true"
@@ -401,20 +414,25 @@ spec:
   minAvailable: 1
   selector:
     matchLabels:
-      k8s-app: kube-scheduler
+      tier: control-plane
+      component: kube-scheduler
 `)
 	ProxyTemplate = []byte(`apiVersion: "extensions/v1beta1"
 kind: DaemonSet
 metadata:
   name: kube-proxy
   namespace: kube-system
   labels:
-    k8s-app: kube-proxy
+    tier: node
+    component: kube-proxy
 spec:
   template:
     metadata:
       labels:
-        k8s-app: kube-proxy
+        tier: node
+        component: kube-proxy
+      annotations:
+        scheduler.alpha.kubernetes.io/critical-pod: ''
     spec:
       hostNetwork: true
       containers:
@@ -475,11 +493,18 @@ spec:
         k8s-app: kube-dns
       annotations:
         scheduler.alpha.kubernetes.io/critical-pod: ''
-        scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
     spec:
+      tolerations:
+      - key: "CriticalAddonsOnly"
+        operator: "Exists"
+      volumes:
+      - name: kube-dns-config
+        configMap:
+          name: kube-dns
+          optional: true
       containers:
       - name: kubedns
-        image: gcr.io/google_containers/kubedns-amd64:1.9
+        image: gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.1
         resources:
           # TODO: Set memory limits when we've profiled the container for large
           # clusters, then set request = limit to keep this container in
@@ -492,8 +517,8 @@ spec:
             memory: 70Mi
         livenessProbe:
           httpGet:
-            path: /healthz-kubedns
-            port: 8080
+            path: /healthcheck/kubedns
+            port: 10054
             scheme: HTTP
           initialDelaySeconds: 60
           timeoutSeconds: 5
@@ -511,10 +536,8 @@ spec:
         args:
         - --domain=cluster.local.
         - --dns-port=10053
-        - --config-map=kube-dns
-        # This should be set to v=2 only after the new image (cut from 1.5) has
-        # been released, otherwise we will flood the logs.
-        - --v=0
+        - --config-dir=/kube-dns-config
+        - --v=2
         env:
         - name: PROMETHEUS_PORT
           value: "10055"
@@ -528,22 +551,32 @@ spec:
         - containerPort: 10055
           name: metrics
           protocol: TCP
+        volumeMounts:
+        - name: kube-dns-config
+          mountPath: /kube-dns-config
       - name: dnsmasq
-        image: gcr.io/google_containers/kube-dnsmasq-amd64:1.4
+        image: gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.1
         livenessProbe:
           httpGet:
-            path: /healthz-dnsmasq
-            port: 8080
+            path: /healthcheck/dnsmasq
+            port: 10054
             scheme: HTTP
           initialDelaySeconds: 60
           timeoutSeconds: 5
           successThreshold: 1
           failureThreshold: 5
         args:
+        - -v=2
+        - -logtostderr
+        - -configDir=/etc/k8s/dns/dnsmasq-nanny
+        - -restartDnsmasq=true
+        - --
+        - -k
         - --cache-size=1000
-        - --no-resolv
-        - --server=127.0.0.1#10053
         - --log-facility=-
+        - --server=/cluster.local/127.0.0.1#10053
+        - --server=/in-addr.arpa/127.0.0.1#10053
+        - --server=/ip6.arpa/127.0.0.1#10053
         ports:
         - containerPort: 53
           name: dns
@@ -555,9 +588,12 @@ spec:
         resources:
           requests:
             cpu: 150m
-            memory: 10Mi
-      - name: dnsmasq-metrics
-        image: gcr.io/google_containers/dnsmasq-metrics-amd64:1.0
+            memory: 20Mi
+        volumeMounts:
+        - name: kube-dns-config
+          mountPath: /etc/k8s/dns/dnsmasq-nanny
+      - name: sidecar
+        image: gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.1
         livenessProbe:
           httpGet:
             path: /metrics
@@ -570,35 +606,16 @@ spec:
         args:
         - --v=2
         - --logtostderr
+        - --probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.cluster.local,5,A
+        - --probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.cluster.local,5,A
         ports:
         - containerPort: 10054
           name: metrics
           protocol: TCP
         resources:
           requests:
-            memory: 10Mi
-      - name: healthz
-        image: gcr.io/google_containers/exechealthz-amd64:1.2
-        resources:
-          limits:
-            memory: 50Mi
-          requests:
+            memory: 20Mi
             cpu: 10m
-            # Note that this container shouldn't really need 50Mi of memory. The
-            # limits are set higher than expected pending investigation on #29688.
-            # The extra memory was stolen from the kubedns container to keep the
-            # net memory requested by the pod constant.
-            memory: 50Mi
-        args:
-        - --cmd=nslookup kubernetes.default.svc.cluster.local 127.0.0.1 >/dev/null
-        - --url=/healthz-dnsmasq
-        - --cmd=nslookup kubernetes.default.svc.cluster.local 127.0.0.1:10053 >/dev/null
-        - --url=/healthz-kubedns
-        - --port=8080
-        - --quiet
-        ports:
-        - containerPort: 8080
-          protocol: TCP
       dnsPolicy: Default  # Don't use cluster DNS.
 `)
 	DNSSvcTemplate = []byte(`apiVersion: v1
diff --git a/pkg/bootkube/status.go b/pkg/bootkube/status.go
@@ -9,7 +9,6 @@ import (
 
 	"github.com/golang/glog"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/apimachinery/pkg/watch"
@@ -21,7 +20,6 @@ import (
 )
 
 const (
-	appKey       = "k8s-app"
 	doesNotExist = "DoesNotExist"
 )
 
@@ -56,13 +54,11 @@ func NewStatusController(pods []string) (*statusController, error) {
 }
 
 func (s *statusController) Run() {
-	// TODO(aaron): statically define the selector so we can skip this
-	ls, err := labels.Parse(appKey)
-	if err != nil {
-		panic(err)
-	}
-
-	options := metav1.ListOptions{LabelSelector: ls.String()}
+	// TODO(yifan): Be more explicit about the labels so that we don't just
+	// reply on the prefix of the pod name when looking for the pods we are interested.
+	// E.g. For a scheduler pod, we will look for pods that has label `tier=control-plane`
+	// and `component=kube-scheduler`.
+	options := metav1.ListOptions{}
 	podStore, podController := cache.NewInformer(
 		&cache.ListWatch{
 			ListFunc: func(lo metav1.ListOptions) (runtime.Object, error) {
