Skip to content

Commit e389055

Browse files
k8s-ci-robotk8s-ci-robot
authored
Merge pull request #12065 from chrischdi/pr-allow-unsetting-etcd-local-extnal-dns
🌱 kcp: allow unsetting etcd.local, etcd.external and dns
2 parents 3d6f63d + 43ce145 commit e389055

File tree

2 files changed

+38
-31
lines changed

2 files changed

+38
-31
lines changed

controlplane/kubeadm/internal/webhooks/kubeadm_control_plane.go

Lines changed: 7 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -162,23 +162,16 @@ const minimumCertificatesExpiryDays = 7
162162
func (webhook *KubeadmControlPlane) ValidateUpdate(_ context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
163163
// add a * to indicate everything beneath is ok.
164164
// For example, {"spec", "*"} will allow any path under "spec" to change.
165+
// For example, {"spec"} will allow "spec" to also be unset.
165166
allowedPaths := [][]string{
166167
// metadata
167168
{"metadata", "*"},
168169
// spec.kubeadmConfigSpec.clusterConfiguration
169-
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "imageRepository"},
170-
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "imageTag"},
171-
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "extraArgs"},
172-
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "extraArgs", "*"},
173-
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "dataDir"},
174-
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "peerCertSANs"},
175-
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "serverCertSANs"},
176-
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "external", "endpoints"},
177-
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "external", "caFile"},
178-
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "external", "certFile"},
179-
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "external", "keyFile"},
180-
{spec, kubeadmConfigSpec, clusterConfiguration, "dns", "imageRepository"},
181-
{spec, kubeadmConfigSpec, clusterConfiguration, "dns", "imageTag"},
170+
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local"},
171+
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "*"},
172+
{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "external", "*"},
173+
{spec, kubeadmConfigSpec, clusterConfiguration, "dns"},
174+
{spec, kubeadmConfigSpec, clusterConfiguration, "dns", "*"},
182175
{spec, kubeadmConfigSpec, clusterConfiguration, "imageRepository"},
183176
{spec, kubeadmConfigSpec, clusterConfiguration, featureGates},
184177
{spec, kubeadmConfigSpec, clusterConfiguration, featureGates, "*"},
@@ -552,7 +545,7 @@ func validateClusterConfiguration(oldClusterConfiguration, newClusterConfigurati
552545

553546
// update validations
554547
if oldClusterConfiguration != nil {
555-
if newClusterConfiguration.Etcd.External != nil && oldClusterConfiguration.Etcd.Local != nil {
548+
if (newClusterConfiguration.Etcd.External != nil && oldClusterConfiguration.Etcd.External == nil) || (newClusterConfiguration.Etcd.External == nil && oldClusterConfiguration.Etcd.External != nil) {
556549
allErrs = append(
557550
allErrs,
558551
field.Forbidden(
@@ -561,16 +554,6 @@ func validateClusterConfiguration(oldClusterConfiguration, newClusterConfigurati
561554
),
562555
)
563556
}
564-
565-
if newClusterConfiguration.Etcd.Local != nil && oldClusterConfiguration.Etcd.External != nil {
566-
allErrs = append(
567-
allErrs,
568-
field.Forbidden(
569-
pathPrefix.Child("etcd", "local"),
570-
"cannot change between external and local etcd",
571-
),
572-
)
573-
}
574557
}
575558

576559
return allErrs

controlplane/kubeadm/internal/webhooks/kubeadm_control_plane_test.go

Lines changed: 31 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -459,6 +459,8 @@ func TestKubeadmControlPlaneValidateUpdate(t *testing.T) {
459459
ImageTag: "v9.1.1",
460460
},
461461
}
462+
etcdLocalImageTagAndDataDir := etcdLocalImageTag.DeepCopy()
463+
etcdLocalImageTagAndDataDir.Spec.KubeadmConfigSpec.ClusterConfiguration.Etcd.Local.DataDir = "/foo"
462464

463465
etcdLocalImageBuildTag := before.DeepCopy()
464466
etcdLocalImageBuildTag.Spec.KubeadmConfigSpec.ClusterConfiguration.Etcd.Local = &bootstrapv1.LocalEtcd{
@@ -474,8 +476,8 @@ func TestKubeadmControlPlaneValidateUpdate(t *testing.T) {
474476
},
475477
}
476478

477-
unsetEtcd := etcdLocalImageTag.DeepCopy()
478-
unsetEtcd.Spec.KubeadmConfigSpec.ClusterConfiguration.Etcd.Local = nil
479+
unsetEtcdLocal := etcdLocalImageTag.DeepCopy()
480+
unsetEtcdLocal.Spec.KubeadmConfigSpec.ClusterConfiguration.Etcd.Local = nil
479481

480482
networking := before.DeepCopy()
481483
networking.Spec.KubeadmConfigSpec.ClusterConfiguration.Networking.DNSDomain = "some dns domain"
@@ -587,6 +589,10 @@ func TestKubeadmControlPlaneValidateUpdate(t *testing.T) {
587589
externalEtcd.Spec.KubeadmConfigSpec.ClusterConfiguration.Etcd.External = &bootstrapv1.ExternalEtcd{
588590
KeyFile: "some key file",
589591
}
592+
externalEtcdChanged := before.DeepCopy()
593+
externalEtcdChanged.Spec.KubeadmConfigSpec.ClusterConfiguration.Etcd.External = &bootstrapv1.ExternalEtcd{
594+
KeyFile: "another key file",
595+
}
590596

591597
localDataDir := before.DeepCopy()
592598
localDataDir.Spec.KubeadmConfigSpec.ClusterConfiguration.Etcd.Local = &bootstrapv1.LocalEtcd{
@@ -856,6 +862,12 @@ func TestKubeadmControlPlaneValidateUpdate(t *testing.T) {
856862
before: dns,
857863
kcp: unsetCoreDNSToVersion,
858864
},
865+
{
866+
name: "should succeed when DNS is set to nil",
867+
expectErr: false,
868+
before: dns,
869+
kcp: unsetCoreDNSToVersion,
870+
},
859871
{
860872
name: "should succeed when using an valid DNS build",
861873
expectErr: false,
@@ -941,14 +953,26 @@ func TestKubeadmControlPlaneValidateUpdate(t *testing.T) {
941953
{
942954
name: "should succeed when making a change to the cluster config's external etcd's configuration",
943955
expectErr: false,
944-
before: before,
945-
kcp: externalEtcd,
956+
before: externalEtcd,
957+
kcp: externalEtcdChanged,
946958
},
947959
{
948-
name: "should fail when attempting to unset the etcd local object",
949-
expectErr: true,
960+
name: "should succeed when adding the cluster config's local etcd's configuration",
961+
expectErr: false,
962+
before: unsetEtcdLocal,
963+
kcp: etcdLocalImageTag,
964+
},
965+
{
966+
name: "should succeed when making a change to the cluster config's local etcd's configuration",
967+
expectErr: false,
968+
before: etcdLocalImageTag,
969+
kcp: etcdLocalImageTagAndDataDir,
970+
},
971+
{
972+
name: "should succeed when attempting to unset the etcd local object to fallback to the default",
973+
expectErr: false,
950974
before: etcdLocalImageTag,
951-
kcp: unsetEtcd,
975+
kcp: unsetEtcdLocal,
952976
},
953977
{
954978
name: "should fail if both local and external etcd are set",

0 commit comments

Comments
 (0)