Merge pull request #2088 from brb/no-kube-proxy

Add possibility to disable kube-proxy

Author: BenTheElder

pkg/apis/config/v1alpha4/default.go

@@ -68,7 +68,7 @@ func SetDefaultsCluster(obj *Cluster) {
 	}
 	// default the KubeProxyMode using iptables as it's already the default
 	if obj.Networking.KubeProxyMode == "" {
-		obj.Networking.KubeProxyMode = IPTablesMode
+		obj.Networking.KubeProxyMode = IPTablesProxyMode
 	}
 }
 

pkg/apis/config/v1alpha4/types.go

@@ -202,10 +202,10 @@ const (
 type ProxyMode string
 
 const (
-	// IPTablesMode sets ProxyMode to iptables
-	IPTablesMode ProxyMode = "iptables"
-	// IPVSMode sets ProxyMode to iptables
-	IPVSMode ProxyMode = "ipvs"
+	// IPTablesProxyMode sets ProxyMode to iptables
+	IPTablesProxyMode ProxyMode = "iptables"
+	// IPVSProxyMode sets ProxyMode to iptables
+	IPVSProxyMode ProxyMode = "ipvs"
 )
 
 // PatchJSON6902 represents an inline kustomize json 6902 patch

pkg/cluster/internal/create/actions/kubeadminit/init.go

@@ -26,16 +26,19 @@ import (
 	"sigs.k8s.io/kind/pkg/cluster/nodeutils"
 
 	"sigs.k8s.io/kind/pkg/cluster/internal/create/actions"
+	"sigs.k8s.io/kind/pkg/internal/apis/config"
 )
 
 // kubeadmInitAction implements action for executing the kubeadm init
 // and a set of default post init operations like e.g. install the
 // CNI network plugin.
-type action struct{}
+type action struct {
+	skipKubeProxy bool
+}
 
 // NewAction returns a new action for kubeadm init
-func NewAction() actions.Action {
-	return &action{}
+func NewAction(cfg *config.Cluster) actions.Action {
+	return &action{skipKubeProxy: cfg.Networking.KubeProxyMode == config.NoneProxyMode}
 }
 
 // Execute runs the action
@@ -56,13 +59,18 @@ func (a *action) Execute(ctx *actions.ActionContext) error {
 		return err
 	}
 
+	// skip preflight checks, as these have undesirable side effects
+	// and don't tell us much. requires kubeadm 1.13+
+	skipPhases := "preflight"
+	if a.skipKubeProxy {
+		skipPhases += ",addon/kube-proxy"
+	}
+
 	// run kubeadm
 	cmd := node.Command(
 		// init because this is the control plane node
 		"kubeadm", "init",
-		// skip preflight checks, as these have undesirable side effects
-		// and don't tell us much. requires kubeadm 1.13+
-		"--skip-phases=preflight",
+		"--skip-phases="+skipPhases,
 		// specify our generated config file
 		"--config=/kind/kubeadm.conf",
 		"--skip-token-print",

pkg/cluster/internal/create/create.go

@@ -108,7 +108,7 @@ func Cluster(logger log.Logger, p providers.Provider, opts *ClusterOptions) erro
 	}
 	if !opts.StopBeforeSettingUpKubernetes {
 		actionsToRun = append(actionsToRun,
-			kubeadminit.NewAction(), // run kubeadm init
+			kubeadminit.NewAction(opts.Config), // run kubeadm init
 		)
 		// this step might be skipped, but is next after init
 		if !opts.Config.Networking.DisableDefaultCNI {

pkg/cluster/internal/kubeadm/config.go

@@ -245,6 +245,7 @@ evictionHard:
 {{ range $key := .SortedFeatureGateKeys }}
   "{{ $key }}": {{$.FeatureGates $key }}
 {{end}}{{end}}
+{{if ne .KubeProxyMode "None"}}
 ---
 apiVersion: kubeproxy.config.k8s.io/v1alpha1
 kind: KubeProxyConfiguration
@@ -257,6 +258,7 @@ mode: "{{ .KubeProxyMode }}"
 {{end}}{{end}}
 iptables:
   minSyncPeriod: 1s
+{{end}}
 `
 
 // ConfigTemplateBetaV2 is the kubeadm config template for API version v1beta2
@@ -370,6 +372,7 @@ evictionHard:
 {{ range $key := .SortedFeatureGateKeys }}
   "{{ $key }}": {{ index $.FeatureGates $key }}
 {{end}}{{end}}
+{{if ne .KubeProxyMode "None"}}
 ---
 apiVersion: kubeproxy.config.k8s.io/v1alpha1
 kind: KubeProxyConfiguration
@@ -382,6 +385,7 @@ mode: "{{ .KubeProxyMode }}"
 {{end}}{{end}}
 iptables:
   minSyncPeriod: 1s
+{{end}}
 `
 
 // Config returns a kubeadm config generated from config data, in particular

pkg/internal/apis/config/default.go

@@ -163,10 +163,12 @@ const (
 type ProxyMode string
 
 const (
-	// IPTablesMode sets ProxyMode to iptables
-	IPTablesMode ProxyMode = "iptables"
-	// IPVSMode sets ProxyMode to iptables
-	IPVSMode ProxyMode = "ipvs"
+	// IPTablesProxyMode sets ProxyMode to iptables
+	IPTablesProxyMode ProxyMode = "iptables"
+	// IPVSProxyMode sets ProxyMode to iptables
+	IPVSProxyMode ProxyMode = "ipvs"
+	// NoneProxyMode disables kube-proxy
+	NoneProxyMode ProxyMode = "none"
 )
 
 // PatchJSON6902 represents an inline kustomize json 6902 patch

pkg/internal/apis/config/types.go

@@ -59,7 +59,8 @@ func (c *Cluster) Validate() error {
 	}
 
 	// KubeProxyMode should be iptables or ipvs
-	if c.Networking.KubeProxyMode != IPTablesMode && c.Networking.KubeProxyMode != IPVSMode {
+	if c.Networking.KubeProxyMode != IPTablesProxyMode && c.Networking.KubeProxyMode != IPVSProxyMode &&
+		c.Networking.KubeProxyMode != NoneProxyMode {
 		errs = append(errs, errors.Errorf("invalid kubeProxyMode: %s", c.Networking.KubeProxyMode))
 	}
 

pkg/internal/apis/config/validate.go

@@ -168,6 +168,8 @@ networking:
   kubeProxyMode: "ipvs"
 {{< /codeFromInline >}}
 
+To disable kube-proxy, set the mode to `"none"`.
+
 ### Nodes
 The `kind: Cluster` object has a `nodes` field containing a list of `node`
 objects. If unset this defaults to: