From 413585681b45b8861a48158abdd5698dabef76c1 Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Thu, 11 Jun 2020 23:55:58 -0700 Subject: [PATCH] Remove unused Kubelet lock-file and exit-on-lock-contention * Kubelet `--lock-file` and `--exit-on-lock-contention` date back to usage of bootkube and at one point running Kubelet in a "self-hosted" style whereby an on-host Kubelet (rkt) started pods, but then a Kubelet DaemonSet was scheduled and able to take over (hence self-hosted). `lock-file` and `exit-on-lock-contention` flags supported this pivot. The pattern has been out of favor (in bootkube too) for years because of dueling Kubelet complexity * Typhoon runs Kubelet as a container via an on-host systemd unit using podman (Fedora CoreOS) or rkt (Flatcar Linux). In fact, Typhoon no longer uses bootkube or control plane pivot (let alone Kubelet pivot) and uses static pods since v1.16.0 * https://github.com/poseidon/typhoon/pull/536 --- CHANGES.md | 1 + aws/container-linux/kubernetes/cl/controller.yaml | 2 -- aws/container-linux/kubernetes/workers/cl/worker.yaml | 2 -- aws/fedora-coreos/kubernetes/fcc/controller.yaml | 2 -- aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml | 2 -- azure/container-linux/kubernetes/cl/controller.yaml | 2 -- azure/container-linux/kubernetes/workers/cl/worker.yaml | 2 -- azure/fedora-coreos/kubernetes/fcc/controller.yaml | 2 -- azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml | 2 -- bare-metal/container-linux/kubernetes/cl/controller.yaml | 2 -- bare-metal/container-linux/kubernetes/cl/worker.yaml | 2 -- bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml | 2 -- bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml | 2 -- digital-ocean/container-linux/kubernetes/cl/controller.yaml | 2 -- digital-ocean/container-linux/kubernetes/cl/worker.yaml | 2 -- digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml | 2 -- digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml | 2 -- google-cloud/container-linux/kubernetes/cl/controller.yaml | 2 -- google-cloud/container-linux/kubernetes/workers/cl/worker.yaml | 2 -- google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml | 2 -- google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml | 2 -- 21 files changed, 1 insertion(+), 40 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index cbdf16cb..f5d55bed 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -13,6 +13,7 @@ Notable changes between versions. automated image builds are still available with an alternate tag strategy (see [docs](https://typhoon.psdn.io/topics/security/#container-images)) * Update Calico from v3.14.0 to [v3.14.1](https://docs.projectcalico.org/v3.14/release-notes/) +* Remove unused Kubelet `-lock-file` and `-exit-on-lock-contention` ### Fedora CoreOS diff --git a/aws/container-linux/kubernetes/cl/controller.yaml b/aws/container-linux/kubernetes/cl/controller.yaml index ac7efce4..77774e60 100644 --- a/aws/container-linux/kubernetes/cl/controller.yaml +++ b/aws/container-linux/kubernetes/cl/controller.yaml @@ -102,10 +102,8 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/master \ --node-labels=node.kubernetes.io/controller="true" \ diff --git a/aws/container-linux/kubernetes/workers/cl/worker.yaml b/aws/container-linux/kubernetes/workers/cl/worker.yaml index 3743b6b6..77bd79d1 100644 --- a/aws/container-linux/kubernetes/workers/cl/worker.yaml +++ b/aws/container-linux/kubernetes/workers/cl/worker.yaml @@ -75,10 +75,8 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/node \ %{~ for label in split(",", node_labels) ~} diff --git a/aws/fedora-coreos/kubernetes/fcc/controller.yaml b/aws/fedora-coreos/kubernetes/fcc/controller.yaml index 7bea44b0..116a9162 100644 --- a/aws/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/aws/fedora-coreos/kubernetes/fcc/controller.yaml @@ -92,10 +92,8 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/master \ --node-labels=node.kubernetes.io/controller="true" \ diff --git a/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml b/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml index 062f117a..ec868794 100644 --- a/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml +++ b/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml @@ -62,10 +62,8 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/node \ %{~ for label in split(",", node_labels) ~} diff --git a/azure/container-linux/kubernetes/cl/controller.yaml b/azure/container-linux/kubernetes/cl/controller.yaml index babca9b9..0418f8de 100644 --- a/azure/container-linux/kubernetes/cl/controller.yaml +++ b/azure/container-linux/kubernetes/cl/controller.yaml @@ -100,10 +100,8 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/master \ --node-labels=node.kubernetes.io/controller="true" \ diff --git a/azure/container-linux/kubernetes/workers/cl/worker.yaml b/azure/container-linux/kubernetes/workers/cl/worker.yaml index 402e21a6..3ca24962 100644 --- a/azure/container-linux/kubernetes/workers/cl/worker.yaml +++ b/azure/container-linux/kubernetes/workers/cl/worker.yaml @@ -73,10 +73,8 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/node \ %{~ for label in split(",", node_labels) ~} diff --git a/azure/fedora-coreos/kubernetes/fcc/controller.yaml b/azure/fedora-coreos/kubernetes/fcc/controller.yaml index 4831048c..47fc9edd 100644 --- a/azure/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/azure/fedora-coreos/kubernetes/fcc/controller.yaml @@ -92,10 +92,8 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/master \ --node-labels=node.kubernetes.io/controller="true" \ diff --git a/azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml b/azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml index 815a67a7..8da2e507 100644 --- a/azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml +++ b/azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml @@ -62,10 +62,8 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/node \ %{~ for label in split(",", node_labels) ~} diff --git a/bare-metal/container-linux/kubernetes/cl/controller.yaml b/bare-metal/container-linux/kubernetes/cl/controller.yaml index 39943050..cdf38214 100644 --- a/bare-metal/container-linux/kubernetes/cl/controller.yaml +++ b/bare-metal/container-linux/kubernetes/cl/controller.yaml @@ -114,11 +114,9 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --hostname-override=${domain_name} \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/master \ --node-labels=node.kubernetes.io/controller="true" \ diff --git a/bare-metal/container-linux/kubernetes/cl/worker.yaml b/bare-metal/container-linux/kubernetes/cl/worker.yaml index e83bf389..a0671641 100644 --- a/bare-metal/container-linux/kubernetes/cl/worker.yaml +++ b/bare-metal/container-linux/kubernetes/cl/worker.yaml @@ -87,11 +87,9 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --hostname-override=${domain_name} \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/node \ %{~ for label in compact(split(",", node_labels)) ~} diff --git a/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml b/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml index d2c756ee..63f3acda 100644 --- a/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml @@ -93,11 +93,9 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --hostname-override=${domain_name} \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/master \ --node-labels=node.kubernetes.io/controller="true" \ diff --git a/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml b/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml index 0c7e114a..80d3771a 100644 --- a/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml +++ b/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml @@ -63,11 +63,9 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --hostname-override=${domain_name} \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/node \ %{~ for label in compact(split(",", node_labels)) ~} diff --git a/digital-ocean/container-linux/kubernetes/cl/controller.yaml b/digital-ocean/container-linux/kubernetes/cl/controller.yaml index ef139512..ca1d725f 100644 --- a/digital-ocean/container-linux/kubernetes/cl/controller.yaml +++ b/digital-ocean/container-linux/kubernetes/cl/controller.yaml @@ -111,11 +111,9 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/master \ --node-labels=node.kubernetes.io/controller="true" \ diff --git a/digital-ocean/container-linux/kubernetes/cl/worker.yaml b/digital-ocean/container-linux/kubernetes/cl/worker.yaml index 387f0f03..e3dc92f6 100644 --- a/digital-ocean/container-linux/kubernetes/cl/worker.yaml +++ b/digital-ocean/container-linux/kubernetes/cl/worker.yaml @@ -84,11 +84,9 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/node \ --pod-manifest-path=/etc/kubernetes/manifests \ diff --git a/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml b/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml index d8a9bd92..9a70c5a8 100644 --- a/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml @@ -94,11 +94,9 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --hostname-override=$${AFTERBURN_DIGITALOCEAN_IPV4_PRIVATE_0} \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/master \ --node-labels=node.kubernetes.io/controller="true" \ diff --git a/digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml b/digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml index 02667f87..f5187ed9 100644 --- a/digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml +++ b/digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml @@ -65,11 +65,9 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --hostname-override=$${AFTERBURN_DIGITALOCEAN_IPV4_PRIVATE_0} \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/node \ --pod-manifest-path=/etc/kubernetes/manifests \ diff --git a/google-cloud/container-linux/kubernetes/cl/controller.yaml b/google-cloud/container-linux/kubernetes/cl/controller.yaml index 28bc2510..2960aa59 100644 --- a/google-cloud/container-linux/kubernetes/cl/controller.yaml +++ b/google-cloud/container-linux/kubernetes/cl/controller.yaml @@ -100,10 +100,8 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/master \ --node-labels=node.kubernetes.io/controller="true" \ diff --git a/google-cloud/container-linux/kubernetes/workers/cl/worker.yaml b/google-cloud/container-linux/kubernetes/workers/cl/worker.yaml index 048b667e..a53ab0ae 100644 --- a/google-cloud/container-linux/kubernetes/workers/cl/worker.yaml +++ b/google-cloud/container-linux/kubernetes/workers/cl/worker.yaml @@ -73,10 +73,8 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/node \ %{~ for label in split(",", node_labels) ~} diff --git a/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml b/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml index 7bea44b0..116a9162 100644 --- a/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml @@ -92,10 +92,8 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/master \ --node-labels=node.kubernetes.io/controller="true" \ diff --git a/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml b/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml index 062f117a..ec868794 100644 --- a/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml +++ b/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml @@ -62,10 +62,8 @@ systemd: --cluster_dns=${cluster_dns_service_ip} \ --cluster_domain=${cluster_domain_suffix} \ --cni-conf-dir=/etc/kubernetes/cni/net.d \ - --exit-on-lock-contention \ --healthz-port=0 \ --kubeconfig=/var/lib/kubelet/kubeconfig \ - --lock-file=/var/run/lock/kubelet.lock \ --network-plugin=cni \ --node-labels=node.kubernetes.io/node \ %{~ for label in split(",", node_labels) ~}