You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: enhancements/machine-api/out-of-tree-provider-support.md
+33-12
Original file line number
Diff line number
Diff line change
@@ -31,7 +31,10 @@ superseded-by:
31
31
32
32
## Open Questions
33
33
34
-
TBD
34
+
1) Should we running `cloud-controller-manager` as:
35
+
- static `Pod` managed from the `Node` filesystem.
36
+
-`Deployment` backing up the `Pod`.
37
+
-`ReplicaSet` to run a `Pod` on each master node.
35
38
36
39
## Summary
37
40
@@ -50,7 +53,7 @@ Upstream is currently moving towards exclusion of in-tree cloud-provider code fr
50
53
### Non-Goals
51
54
52
55
- Force immediate exclusion of in-tree support for currently used providers, as their out-of-tree counterparts are added.
53
-
-Introduce other approaches to rollout IPI cluster with `kind` or `cluster-api`.
56
+
-Add support for running multiple cloud configurations in a single cluster.
54
57
55
58
## Proposal
56
59
@@ -87,20 +90,35 @@ The `external CCM` implementation will be hosted within openshift repository in
87
90
88
91
Preparation steps, common for all providers:
89
92
- Add support for recognition of the `external` option in library-go: https://github.com/openshift/library-go/blob/master/pkg/operator/configobserver/cloudprovider/observe_cloudprovider.go#L154 which will disable config parsing and add `external-cloud-config` option in the `Infrastructure` resource, which will be only used for external providers.
90
-
- Port the templates of `cloud-controller` from upstream repositories into proposed https://github.com/openshift/cluster-cloud-controller-manager-operator repository. Those templates will belong to newly created `openshift-cloud-controller` namespace.
93
+
- Port the templates of `cloud-controller` from upstream repositories into proposed https://github.com/openshift/cluster-cloud-controller-manager-operator repository. Those templates will belong to newly created `openshift-cloud-controller` namespace and be managed with an operator.
91
94
92
95
Each provider implementation will need to do the following minimal set of actions in order to make out-of-tree implemetation work:
93
96
- Add `external` flag to `kube-controller-manager` pod instead of the previously used provider. Remove the `cloud-config` option from the template.
94
-
- Add `external` flag to `kubelet`.
95
-
- Deploy a `cloud-controller``DaemonSet` in the `openshift-cloud-controller` namespace.
97
+
- Add `external` flag to `kubelet`. Remove the `cloud-config` option from the template.
98
+
- Deploy a `cloud-controller`pod in the `openshift-cloud-controller` namespace.
96
99
97
100
## Design Details
98
101
102
+
### Kubelet
103
+
104
+
Openshift manages `kubelet` configuration with `machine-config-operator`. The actual `cloud-config` arguments are passed externally from the `Infrastructure` resource on https://github.com/openshift/machine-config-operator/blob/2a51e49b0835bbd3ac60baa685299e86777b064f/pkg/controller/template/render.go#L310-L357, where the support for `external` cloud provider should be added. For each platform with `external` configuration, the `cloud-config` flag should not be set.
105
+
106
+
### Kube-api-server
107
+
108
+
No changes for the current configuration are needed
109
+
110
+
### Kube-controller-manager
111
+
112
+
TBD
113
+
99
114
#### Upgrade/Downgrade strategy
100
115
101
116
Upstream [proposal](https://github.com/kubernetes/enhancements/blob/473d6a094f07e399079d1ce4698d6e52ddcc1567/keps/sig-cloud-provider/20190422-cloud-controller-manager-migration.md#motivation) describes main pinpoints for migration between in-tree and out-of-tree for HA clusters. They propose implementation for cross-namespace leadership delegation, which would help Openshift to preserve HA during upgrages.
102
117
103
-
In case the cluster does not require to be HA, then upgrading under CVO management, which will lead to two simultanious replicas of `cloud-controller`s running at the same time at some moment is not a problem.
118
+
In case the cluster does not require to be HA, then upgrading under CVO management, which will lead to two simultanious replicas of `cloud-controllers` running at the same time at some moment is not a problem. Each provider, therefore supports multiple options to run the `cloud-controller`:
119
+
120
+
1) As a `DaemonSet`. This is the HA option, where the leader-election on the running pod ensuring a single replica is serving cluster at any point in time.
121
+
2) As a `Pod`. For Openshift this option is not sufficient, so non-HA environment will run this pod under `Deployment` or as a static resource managed from the `Node` filesystem in the `openshift-cloud-controller` namespace.
104
122
105
123
#### Examples
106
124
@@ -109,6 +127,12 @@ In case the cluster does not require to be HA, then upgrading under CVO manageme
109
127
Main repository: https://github.com/kubernetes/cloud-provider-aws/
- Each provider at the time of migration should have a working CI implemetation, which will assist in testing the provisioning with out-of-tree support enabled. This requeires vSphere CI to be up and running and upgrade support for other providers.
153
+
- Each provider at the time of migration should have a working CI implemetation, which will assist in testing the provisioning with out-of-tree support enabled.
134
154
- Ensure that transition between in-tree and out-of-tree will be handled by the `Infrastracture``external-cloud-config` field being set.
135
-
- TBD
155
+
- Ensure in-tree and out-of-tree providers could co-exist in the cluster if this is supported.
156
+
- Ensure that upgrade from a release running on in-tree provider only to the out-of-tree succeeds.
0 commit comments