From 626a814e6ab3700110762d2f15245a81cf906f4a Mon Sep 17 00:00:00 2001 From: Sonu Kumar Singh Date: Fri, 16 Jun 2023 17:15:17 +0530 Subject: [PATCH] Deprecate `node-local-dns` annotations (#8067) * Deprecate `node-local-dns` annotations * Add warning for `node-local-dns` annotations * Add TODO * Address review * Address review --- pkg/api/core/shoot/warnings.go | 22 +++++++++++++++ pkg/api/core/shoot/warnings_test.go | 28 +++++++++++++++++++ .../core/v1beta1/constants/types_constants.go | 6 ++++ 3 files changed, 56 insertions(+) diff --git a/pkg/api/core/shoot/warnings.go b/pkg/api/core/shoot/warnings.go index ae6622d5b0d..6697b8aac44 100644 --- a/pkg/api/core/shoot/warnings.go +++ b/pkg/api/core/shoot/warnings.go @@ -24,6 +24,7 @@ import ( "github.com/gardener/gardener/pkg/apis/core" "github.com/gardener/gardener/pkg/apis/core/helper" + v1beta1constants "github.com/gardener/gardener/pkg/apis/core/v1beta1/constants" versionutils "github.com/gardener/gardener/pkg/utils/version" ) @@ -39,6 +40,9 @@ func GetWarnings(_ context.Context, shoot, oldShoot *core.Shoot, credentialsRota warnings = append(warnings, "you should consider disabling the static token kubeconfig, see https://github.com/gardener/gardener/blob/master/docs/usage/shoot_access.md for details") } + // TODO(acumino): Drop this warning in v1.78, with dropping of annotation to enable node-local-dns. + warnings = append(warnings, getWarningsForDeprecatedNodeLocalDNSLabels(shoot)...) + if oldShoot != nil { warnings = append(warnings, getWarningsForDueCredentialsRotations(shoot, credentialsRotationInterval)...) warnings = append(warnings, getWarningsForIncompleteCredentialsRotation(shoot, credentialsRotationInterval)...) @@ -60,6 +64,24 @@ func GetWarnings(_ context.Context, shoot, oldShoot *core.Shoot, credentialsRota return warnings } +func getWarningsForDeprecatedNodeLocalDNSLabels(shoot *core.Shoot) []string { + var warnings []string + + if _, ok := shoot.Annotations[v1beta1constants.AnnotationNodeLocalDNS]; ok { + warnings = append(warnings, fmt.Sprintf("annotation %v is deprecated. Use field `.spec.systemComponents.nodeLocalDNS.enabled` in Shoot instead. Switching on node-local-dns via shoot specification will roll the nodes even if node-local-dns was enabled beforehand via annotation.", v1beta1constants.AnnotationNodeLocalDNS)) + } + + if _, ok := shoot.Annotations[v1beta1constants.AnnotationNodeLocalDNSForceTcpToClusterDns]; ok { + warnings = append(warnings, fmt.Sprintf("annotation %v is deprecated. Use field `.spec.systemComponents.nodeLocalDNS.forceTCPToClusterDNS` in Shoot instead.", v1beta1constants.AnnotationNodeLocalDNSForceTcpToClusterDns)) + } + + if _, ok := shoot.Annotations[v1beta1constants.AnnotationNodeLocalDNSForceTcpToUpstreamDns]; ok { + warnings = append(warnings, fmt.Sprintf("annotation %v is deprecated. Use field `.spec.systemComponents.nodeLocalDNS.forceTCPToUpstreamDNS` in Shoot instead.", v1beta1constants.AnnotationNodeLocalDNSForceTcpToUpstreamDns)) + } + + return warnings +} + func getWarningsForDueCredentialsRotations(shoot *core.Shoot, credentialsRotationInterval time.Duration) []string { if !isOldEnough(shoot.CreationTimestamp.Time, credentialsRotationInterval) { return nil diff --git a/pkg/api/core/shoot/warnings_test.go b/pkg/api/core/shoot/warnings_test.go index 47c77877ed2..7482dd2067f 100644 --- a/pkg/api/core/shoot/warnings_test.go +++ b/pkg/api/core/shoot/warnings_test.go @@ -26,6 +26,7 @@ import ( . "github.com/gardener/gardener/pkg/api/core/shoot" "github.com/gardener/gardener/pkg/apis/core" + v1beta1constants "github.com/gardener/gardener/pkg/apis/core/v1beta1/constants" ) var _ = Describe("Warnings", func() { @@ -337,6 +338,33 @@ var _ = Describe("Warnings", func() { }) }) + Context("node-local-dns annotations", func() { + It("should return a warning when annotation `alpha.featuregates.shoot.gardener.cloud/node-local-dns` is present", func() { + shoot.Annotations = map[string]string{ + v1beta1constants.AnnotationNodeLocalDNS: "true", + } + Expect(GetWarnings(ctx, shoot, nil, credentialsRotationInterval)).To(ContainElement(Equal("annotation alpha.featuregates.shoot.gardener.cloud/node-local-dns is deprecated. Use field `.spec.systemComponents.nodeLocalDNS.enabled` in Shoot instead. Switching on node-local-dns via shoot specification will roll the nodes even if node-local-dns was enabled beforehand via annotation."))) + }) + + It("should return a warning when annotation `alpha.featuregates.shoot.gardener.cloud/node-local-dns-force-tcp-to-cluster-dns` is present", func() { + shoot.Annotations = map[string]string{ + v1beta1constants.AnnotationNodeLocalDNSForceTcpToClusterDns: "true", + } + Expect(GetWarnings(ctx, shoot, nil, credentialsRotationInterval)).To(ContainElement(Equal("annotation alpha.featuregates.shoot.gardener.cloud/node-local-dns-force-tcp-to-cluster-dns is deprecated. Use field `.spec.systemComponents.nodeLocalDNS.forceTCPToClusterDNS` in Shoot instead."))) + }) + + It("should return a warning when annotation `alpha.featuregates.shoot.gardener.cloud/node-local-dns-force-tcp-to-upstream-dns` is present", func() { + shoot.Annotations = map[string]string{ + v1beta1constants.AnnotationNodeLocalDNSForceTcpToUpstreamDns: "true", + } + Expect(GetWarnings(ctx, shoot, nil, credentialsRotationInterval)).To(ContainElement(Equal("annotation alpha.featuregates.shoot.gardener.cloud/node-local-dns-force-tcp-to-upstream-dns is deprecated. Use field `.spec.systemComponents.nodeLocalDNS.forceTCPToUpstreamDNS` in Shoot instead."))) + }) + + It("should not return a warning when the node-local-dns related annotation is not present", func() { + Expect(GetWarnings(ctx, shoot, nil, credentialsRotationInterval)).To(BeEmpty()) + }) + }) + It("should return a warning when podEvictionTimeout is set", func() { shoot.Spec.Kubernetes.KubeControllerManager = &core.KubeControllerManagerConfig{ PodEvictionTimeout: &metav1.Duration{Duration: 2 * time.Minute}, diff --git a/pkg/apis/core/v1beta1/constants/types_constants.go b/pkg/apis/core/v1beta1/constants/types_constants.go index 49d7b68e2b7..d4a9c517e68 100644 --- a/pkg/apis/core/v1beta1/constants/types_constants.go +++ b/pkg/apis/core/v1beta1/constants/types_constants.go @@ -577,10 +577,16 @@ const ( // delays will not recompute it. AnnotationShootCloudConfigExecutionMaxDelaySeconds = "shoot.gardener.cloud/cloud-config-execution-max-delay-seconds" // AnnotationNodeLocalDNS enables a per node dns cache on the shoot cluster. + // Deprecated: This annotation is deprecated and will be removed in a future version. + // Use field `.spec.systemComponents.nodeLocalDNS.enabled` in Shoot instead. AnnotationNodeLocalDNS = "alpha.featuregates.shoot.gardener.cloud/node-local-dns" // AnnotationNodeLocalDNSForceTcpToClusterDns enforces upgrade to tcp connections for communication between node local and cluster dns. + // Deprecated: This annotation is deprecated and will be removed in a future version. + // Use field `.spec.systemComponents.nodeLocalDNS.forceTCPToClusterDNS` in Shoot instead. AnnotationNodeLocalDNSForceTcpToClusterDns = "alpha.featuregates.shoot.gardener.cloud/node-local-dns-force-tcp-to-cluster-dns" // AnnotationNodeLocalDNSForceTcpToUpstreamDns enforces upgrade to tcp connections for communication between node local and upstream dns. + // Deprecated: This annotation is deprecated and will be removed in a future version. + // Use field `.spec.systemComponents.nodeLocalDNS.forceTCPToUpstreamDNS` in Shoot instead. AnnotationNodeLocalDNSForceTcpToUpstreamDns = "alpha.featuregates.shoot.gardener.cloud/node-local-dns-force-tcp-to-upstream-dns" // AnnotationCoreDNSRewritingDisabled disables core dns query rewriting even if the corresponding feature gate is enabled. AnnotationCoreDNSRewritingDisabled = "alpha.featuregates.shoot.gardener.cloud/core-dns-rewriting-disabled"