upcoming notable changes in kubeadm 1.24
898 views
Skip to first unread message
Lubomir I. Ivanov
Jan 6, 2022, 4:47:55 PM1/6/22
to kubernetes-sig-cluster-lifecycle, Kubernetes developer/contributor discussion
hello,
we are making a few notable changes in kubeadm 1.24 that may require
user intervention.
we will keep the communication channels updated later in the release
cycle if needed.
[*] dockershim related changes:
dockershim is being removed in kubelet version 1.24. kubeadm 1.24 is
being changed to:
- treat cri-dockerd (https://github.com/Mirantis/cri-dockerd) as the
service responsible for communicating with the Docker CR on the host.
- always error out if multiple CRI compatible sockets are found on the
host and ask the user to specify which one to use. do not special case
containerd+docker if both sockets are present.
- default the kubeadm internal / static default CRI socket to
containerd (was dockershim)
- use crictl for all CRI socket communication. previously the docker
CLI was used in the case of Docker.
https://github.com/kubernetes/kubeadm/issues/2626
[*] kubeadm v1beta2 has been deprecated and we suggest that you
migrate to v1beta3. v1beta2 will be removed after 1 year / 3 releases.
"kubeadm config migrate ..." can be used for the conversion.
https://github.com/kubernetes/kubeadm/issues/2459
[*] continue the rename of the kubeadm "master" label / taint to
"control-plane".
in 1.24 we are adding a new taint
"node-role.kubernetes.io/control-plane" with effect "NoSchedule" and
removing the "node-role.kubernetes.io/master" label on nodes. in 1.20
we instructed all users to preemptively add toleration for this taint
in their workloads and to start using the newly added label
"node-role.kubernetes.io/control-plane".
this plan is detailed in the KEP linked here:
https://github.com/kubernetes/kubeadm/issues/2200
[*] the UnversionedKubeletConfigMap feature gate introduced in 1.23 is
moving to Beta in 1.24 (enabled by default). this means that kubeadm
by default will no longer create versioned objects related to the
KubeletConfiguration stored in the cluster - e.g. the
"kubelet-config-x.yy" ConfigMap will now become "kubelet-config"
(without the version x.yy). "kubeadm upgrade" will automatically
manage this for users during upgrade:
https://github.com/kubernetes/kubeadm/issues/1582
a more detailed summary was done in our issue triage / "1.24 summary"
meeting on Wed 5th Jan (there is also a VOD):
https://docs.google.com/document/d/1ONcoy8bOw8SWPUwXxnKeRZST3lnUxYpUv4Y6466h9Ek/edit
please let me know if you have any questions.
lubomir
--
we are making a few notable changes in kubeadm 1.24 that may require
user intervention.
we will keep the communication channels updated later in the release
cycle if needed.
[*] dockershim related changes:
dockershim is being removed in kubelet version 1.24. kubeadm 1.24 is
being changed to:
- treat cri-dockerd (https://github.com/Mirantis/cri-dockerd) as the
service responsible for communicating with the Docker CR on the host.
- always error out if multiple CRI compatible sockets are found on the
host and ask the user to specify which one to use. do not special case
containerd+docker if both sockets are present.
- default the kubeadm internal / static default CRI socket to
containerd (was dockershim)
- use crictl for all CRI socket communication. previously the docker
CLI was used in the case of Docker.
https://github.com/kubernetes/kubeadm/issues/2626
[*] kubeadm v1beta2 has been deprecated and we suggest that you
migrate to v1beta3. v1beta2 will be removed after 1 year / 3 releases.
"kubeadm config migrate ..." can be used for the conversion.
https://github.com/kubernetes/kubeadm/issues/2459
[*] continue the rename of the kubeadm "master" label / taint to
"control-plane".
in 1.24 we are adding a new taint
"node-role.kubernetes.io/control-plane" with effect "NoSchedule" and
removing the "node-role.kubernetes.io/master" label on nodes. in 1.20
we instructed all users to preemptively add toleration for this taint
in their workloads and to start using the newly added label
"node-role.kubernetes.io/control-plane".
this plan is detailed in the KEP linked here:
https://github.com/kubernetes/kubeadm/issues/2200
[*] the UnversionedKubeletConfigMap feature gate introduced in 1.23 is
moving to Beta in 1.24 (enabled by default). this means that kubeadm
by default will no longer create versioned objects related to the
KubeletConfiguration stored in the cluster - e.g. the
"kubelet-config-x.yy" ConfigMap will now become "kubelet-config"
(without the version x.yy). "kubeadm upgrade" will automatically
manage this for users during upgrade:
https://github.com/kubernetes/kubeadm/issues/1582
a more detailed summary was done in our issue triage / "1.24 summary"
meeting on Wed 5th Jan (there is also a VOD):
https://docs.google.com/document/d/1ONcoy8bOw8SWPUwXxnKeRZST3lnUxYpUv4Y6466h9Ek/edit
please let me know if you have any questions.
lubomir
--
Sergey Kanzhelev
Jan 6, 2022, 6:04:13 PM1/6/22
to Lubomir I. Ivanov, kubernetes-sig-cluster-lifecycle, Kubernetes developer/contributor discussion
This is great!
Can you please create tracking issues to update documentation, specifically creating a migration guide from the dockershim? Ideally add them to this project: https://github.com/orgs/kubernetes/projects/67
--
You received this message because you are subscribed to the Google Groups "[archive]Kubernetes developer/contributor discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-de...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/kubernetes-dev/CAGDbWi_5tQ83H_bKYKn2G1O_UWQviUsHmnspfboB1%3DHZ-tVv7A%40mail.gmail.com.
Lubomir I. Ivanov
Jan 6, 2022, 7:33:09 PM1/6/22
to Sergey Kanzhelev, kubernetes-sig-cluster-lifecycle, Kubernetes developer/contributor discussion
On Fri, 7 Jan 2022 at 00:32, Sergey Kanzhelev <s.kan...@gmail.com> wrote:
>
> This is great!
>
> Can you please create tracking issues to update documentation, specifically creating a migration guide from the dockershim? Ideally add them to this project: https://github.com/orgs/kubernetes/projects/67
>
we use the listed k/kubeadm issues for tracking documentation changes
>
> This is great!
>
> Can you please create tracking issues to update documentation, specifically creating a migration guide from the dockershim? Ideally add them to this project: https://github.com/orgs/kubernetes/projects/67
>
as well. most of them need some minor docs updates.
WRT dockershim, this pending PR for migrating from dockershim to a
remote runtime (example is containerd) includes the required steps for
kubeadm.
https://github.com/kubernetes/website/pull/30141
it would also apply to users who wish to remain on Docker as the CR
but want to migrate to cri-dockerd.
as noted in https://github.com/kubernetes/website/issues/30974 we
likely need to explain what cri-dockerd is in the
https://kubernetes.io/docs/setup/production-environment/container-runtimes/
page but link to its external setup steps (systemd files etc..).
lubomir
--
Reply all
Reply to author
Forward
This conversation is locked
You cannot reply and perform actions on locked conversations.
0 new messages