Skip to content

Commit 49b8e6d

Browse files
haircommanderhaircommander
committed
features: set userns related features to have required min kubelet version to 1.30.0
which is the lowest version the kubelet will deny a pod if a userns can't be created Signed-off-by: Peter Hunt <[email protected]>
1 parent 0290164 commit 49b8e6d

8 files changed

+138
-23
lines changed

features/features.go

+3
Original file line numberDiff line numberDiff line change
@@ -677,6 +677,7 @@ var (
677677
productScope(kubernetes).
678678
enhancementPR("https://github.com/kubernetes/enhancements/issues/127").
679679
enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
680+
requiredMinimumKubeletVersion("1.30.0").
680681
mustRegister()
681682

682683
FeatureGateUserNamespacesPodSecurityStandards = newFeatureGate("UserNamespacesPodSecurityStandards").
@@ -685,6 +686,7 @@ var (
685686
productScope(kubernetes).
686687
enhancementPR("https://github.com/kubernetes/enhancements/issues/127").
687688
enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
689+
requiredMinimumKubeletVersion("1.30.0").
688690
mustRegister()
689691

690692
FeatureGateProcMountType = newFeatureGate("ProcMountType").
@@ -693,6 +695,7 @@ var (
693695
productScope(kubernetes).
694696
enhancementPR("https://github.com/kubernetes/enhancements/issues/4265").
695697
enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
698+
requiredMinimumKubeletVersion("1.30.0").
696699
mustRegister()
697700

698701
FeatureGateVSphereMultiNetworks = newFeatureGate("VSphereMultiNetworks").

features/util.go

+9-5
Original file line numberDiff line numberDiff line change
@@ -23,9 +23,6 @@ type FeatureGateDescription struct {
2323
OwningProduct OwningProduct
2424
// EnhancementPR is the PR for the enhancement.
2525
EnhancementPR string
26-
// RequiredMinimumKubeletVersion is the lowest version the MinimumKubeletVersion field in the
27-
// nodes.config object may be set to to enable this feature.
28-
RequiredMinimumKubeletVersion string
2926
}
3027

3128
type FeatureGateEnabledDisabled struct {
@@ -151,10 +148,17 @@ func (b *featureGateBuilder) register() (configv1.FeatureGateName, error) {
151148
}
152149

153150
featureGateName := configv1.FeatureGateName(b.name)
151+
var minComponentVersions []configv1.RequiredMinimumComponentVersion
152+
if b.minimumKubeletVersion != "" {
153+
minComponentVersions = []configv1.RequiredMinimumComponentVersion{{
154+
Component: configv1.RequiredMinimumComponentKubelet,
155+
Version: b.minimumKubeletVersion,
156+
}}
157+
}
154158
description := FeatureGateDescription{
155159
FeatureGateAttributes: configv1.FeatureGateAttributes{
156-
Name: featureGateName,
157-
RequiredMinimumKubeletVersion: b.minimumKubeletVersion,
160+
Name: featureGateName,
161+
RequiredMinimumComponentVersions: minComponentVersions,
158162
},
159163
OwningJiraComponent: b.owningJiraComponent,
160164
ResponsiblePerson: b.responsiblePerson,

payload-manifests/featuregates/featureGate-Hypershift-Default.yaml

+21-3
Original file line numberDiff line numberDiff line change
@@ -152,7 +152,13 @@
152152
"name": "PlatformOperators"
153153
},
154154
{
155-
"name": "ProcMountType"
155+
"name": "ProcMountType",
156+
"requiredMinimumComponentVersions": [
157+
{
158+
"component": "kubelet",
159+
"version": "1.30.0"
160+
}
161+
]
156162
},
157163
{
158164
"name": "RouteAdvertisements"
@@ -185,10 +191,22 @@
185191
"name": "UpgradeStatus"
186192
},
187193
{
188-
"name": "UserNamespacesPodSecurityStandards"
194+
"name": "UserNamespacesPodSecurityStandards",
195+
"requiredMinimumComponentVersions": [
196+
{
197+
"component": "kubelet",
198+
"version": "1.30.0"
199+
}
200+
]
189201
},
190202
{
191-
"name": "UserNamespacesSupport"
203+
"name": "UserNamespacesSupport",
204+
"requiredMinimumComponentVersions": [
205+
{
206+
"component": "kubelet",
207+
"version": "1.30.0"
208+
}
209+
]
192210
},
193211
{
194212
"name": "VSphereHostVMGroupZonal"

payload-manifests/featuregates/featureGate-Hypershift-DevPreviewNoUpgrade.yaml

+21-3
Original file line numberDiff line numberDiff line change
@@ -234,7 +234,13 @@
234234
"name": "PrivateHostedZoneAWS"
235235
},
236236
{
237-
"name": "ProcMountType"
237+
"name": "ProcMountType",
238+
"requiredMinimumComponentVersions": [
239+
{
240+
"component": "kubelet",
241+
"version": "1.30.0"
242+
}
243+
]
238244
},
239245
{
240246
"name": "RouteAdvertisements"
@@ -270,10 +276,22 @@
270276
"name": "UpgradeStatus"
271277
},
272278
{
273-
"name": "UserNamespacesPodSecurityStandards"
279+
"name": "UserNamespacesPodSecurityStandards",
280+
"requiredMinimumComponentVersions": [
281+
{
282+
"component": "kubelet",
283+
"version": "1.30.0"
284+
}
285+
]
274286
},
275287
{
276-
"name": "UserNamespacesSupport"
288+
"name": "UserNamespacesSupport",
289+
"requiredMinimumComponentVersions": [
290+
{
291+
"component": "kubelet",
292+
"version": "1.30.0"
293+
}
294+
]
277295
},
278296
{
279297
"name": "VSphereControlPlaneMachineSet"

payload-manifests/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml

+21-3
Original file line numberDiff line numberDiff line change
@@ -243,7 +243,13 @@
243243
"name": "PrivateHostedZoneAWS"
244244
},
245245
{
246-
"name": "ProcMountType"
246+
"name": "ProcMountType",
247+
"requiredMinimumComponentVersions": [
248+
{
249+
"component": "kubelet",
250+
"version": "1.30.0"
251+
}
252+
]
247253
},
248254
{
249255
"name": "RouteAdvertisements"
@@ -270,10 +276,22 @@
270276
"name": "UpgradeStatus"
271277
},
272278
{
273-
"name": "UserNamespacesPodSecurityStandards"
279+
"name": "UserNamespacesPodSecurityStandards",
280+
"requiredMinimumComponentVersions": [
281+
{
282+
"component": "kubelet",
283+
"version": "1.30.0"
284+
}
285+
]
274286
},
275287
{
276-
"name": "UserNamespacesSupport"
288+
"name": "UserNamespacesSupport",
289+
"requiredMinimumComponentVersions": [
290+
{
291+
"component": "kubelet",
292+
"version": "1.30.0"
293+
}
294+
]
277295
},
278296
{
279297
"name": "VSphereControlPlaneMachineSet"

payload-manifests/featuregates/featureGate-SelfManagedHA-Default.yaml

+21-3
Original file line numberDiff line numberDiff line change
@@ -152,7 +152,13 @@
152152
"name": "PlatformOperators"
153153
},
154154
{
155-
"name": "ProcMountType"
155+
"name": "ProcMountType",
156+
"requiredMinimumComponentVersions": [
157+
{
158+
"component": "kubelet",
159+
"version": "1.30.0"
160+
}
161+
]
156162
},
157163
{
158164
"name": "RouteAdvertisements"
@@ -185,10 +191,22 @@
185191
"name": "UpgradeStatus"
186192
},
187193
{
188-
"name": "UserNamespacesPodSecurityStandards"
194+
"name": "UserNamespacesPodSecurityStandards",
195+
"requiredMinimumComponentVersions": [
196+
{
197+
"component": "kubelet",
198+
"version": "1.30.0"
199+
}
200+
]
189201
},
190202
{
191-
"name": "UserNamespacesSupport"
203+
"name": "UserNamespacesSupport",
204+
"requiredMinimumComponentVersions": [
205+
{
206+
"component": "kubelet",
207+
"version": "1.30.0"
208+
}
209+
]
192210
},
193211
{
194212
"name": "VSphereHostVMGroupZonal"

payload-manifests/featuregates/featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml

+21-3
Original file line numberDiff line numberDiff line change
@@ -234,7 +234,13 @@
234234
"name": "PrivateHostedZoneAWS"
235235
},
236236
{
237-
"name": "ProcMountType"
237+
"name": "ProcMountType",
238+
"requiredMinimumComponentVersions": [
239+
{
240+
"component": "kubelet",
241+
"version": "1.30.0"
242+
}
243+
]
238244
},
239245
{
240246
"name": "RouteAdvertisements"
@@ -270,10 +276,22 @@
270276
"name": "UpgradeStatus"
271277
},
272278
{
273-
"name": "UserNamespacesPodSecurityStandards"
279+
"name": "UserNamespacesPodSecurityStandards",
280+
"requiredMinimumComponentVersions": [
281+
{
282+
"component": "kubelet",
283+
"version": "1.30.0"
284+
}
285+
]
274286
},
275287
{
276-
"name": "UserNamespacesSupport"
288+
"name": "UserNamespacesSupport",
289+
"requiredMinimumComponentVersions": [
290+
{
291+
"component": "kubelet",
292+
"version": "1.30.0"
293+
}
294+
]
277295
},
278296
{
279297
"name": "VSphereControlPlaneMachineSet"

payload-manifests/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml

+21-3
Original file line numberDiff line numberDiff line change
@@ -243,7 +243,13 @@
243243
"name": "PrivateHostedZoneAWS"
244244
},
245245
{
246-
"name": "ProcMountType"
246+
"name": "ProcMountType",
247+
"requiredMinimumComponentVersions": [
248+
{
249+
"component": "kubelet",
250+
"version": "1.30.0"
251+
}
252+
]
247253
},
248254
{
249255
"name": "RouteAdvertisements"
@@ -270,10 +276,22 @@
270276
"name": "UpgradeStatus"
271277
},
272278
{
273-
"name": "UserNamespacesPodSecurityStandards"
279+
"name": "UserNamespacesPodSecurityStandards",
280+
"requiredMinimumComponentVersions": [
281+
{
282+
"component": "kubelet",
283+
"version": "1.30.0"
284+
}
285+
]
274286
},
275287
{
276-
"name": "UserNamespacesSupport"
288+
"name": "UserNamespacesSupport",
289+
"requiredMinimumComponentVersions": [
290+
{
291+
"component": "kubelet",
292+
"version": "1.30.0"
293+
}
294+
]
277295
},
278296
{
279297
"name": "VSphereControlPlaneMachineSet"

0 commit comments

Comments
 (0)