In commit 5c58f00c11 a change was made to use
"kubeadm init phase upload-certs --upload-certs --certificate-key <key>"
to upload the certs to a K8s Secret in order to work around an issue
involving the YAML representation of IPv6 addresses.
It turns out that when used in this way, kubeadm does not upload the
external-etcd-ca.crt/external-etcd.crt/external-etcd.key entries to the
K8s Secret. This breaks the install on multi-node labs.
The fix is to revert this code back to the old way of doing it, but to
call kubeadm_configmap_reformat() to reformat the ConfigMap if
necessary prior to dumping it out. That way if it does contain IPv6
addresses in the "wrong" YAML format, it will get corrected.
Test Plan:
PASSED: Install in AIO-DX virtualbox with IPv4.
PASSED: Modified install in AIO-DX virtualbox with IPv6 address added
to kubeadm-config ConfigMap before unlocking controller-1.
Reviewed: https:/ /review. opendev. org/c/starlingx /config/ +/880897 /opendev. org/starlingx/ config/ commit/ ceb5852fcef1e64 3020f55b607dd6a d56a1c9ff2
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit ceb5852fcef1e64 3020f55b607dd6a d56a1c9ff2
Author: Chris Friesen <email address hidden>
Date: Wed Apr 19 18:45:01 2023 -0400
fixup for kubeadm cert upload
In commit 5c58f00c11 a change was made to use
"kubeadm init phase upload-certs --upload-certs --certificate-key <key>"
to upload the certs to a K8s Secret in order to work around an issue
involving the YAML representation of IPv6 addresses.
It turns out that when used in this way, kubeadm does not upload the etcd-ca. crt/external- etcd.crt/ external- etcd.key entries to the
external-
K8s Secret. This breaks the install on multi-node labs.
The fix is to revert this code back to the old way of doing it, but to configmap_ reformat( ) to reformat the ConfigMap if
call kubeadm_
necessary prior to dumping it out. That way if it does contain IPv6
addresses in the "wrong" YAML format, it will get corrected.
Test Plan:
PASSED: Install in AIO-DX virtualbox with IPv4.
PASSED: Modified install in AIO-DX virtualbox with IPv6 address added
to kubeadm-config ConfigMap before unlocking controller-1.
Closes-Bug: 2017146 50085a1843cc805 15b9af0f117
Partial-Bug: 2016041
Change-Id: I999a161e15a81a
Signed-off-by: Chris Friesen <email address hidden>