Modifying kubelet to use config files instead of kubelet flags which are about to deprecate.

[nithu0115]

Description of changes:

Changing Kubelet to use config files instead of using kubelet flags as they are deprecated.

Oct 18 00:55:14 ip-172-31-25-244.test-sd1.stagingus-west-2.compute.internal systemd[1]: Starting Kubernetes Kubelet...
Oct 18 00:55:20 ip-172-31-25-244.test-sd1.stagingus-west-2.compute.internal kubelet[3718]: Flag --address has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.i
Oct 18 00:55:20 ip-172-31-25-244.test-sd1.stagingus-west-2.compute.internal kubelet[3718]: Flag --authentication-token-webhook has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See
Oct 18 00:55:20 ip-172-31-25-244.test-sd1.stagingus-west-2.compute.internal kubelet[3718]: Flag --authorization-mode has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://k
Oct 18 00:55:20 ip-172-31-25-244.test-sd1.stagingus-west-2.compute.internal kubelet[3718]: Flag --allow-privileged has been deprecated, will be removed in a future version
Oct 18 00:55:20 ip-172-31-25-244.test-sd1.stagingus-west-2.compute.internal kubelet[3718]: Flag --cluster-domain has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kuber
Oct 18 00:55:20 ip-172-31-25-244.test-sd1.stagingus-west-2.compute.internal kubelet[3718]: Flag --cgroup-driver has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubern
Oct 18 00:55:20 ip-172-31-25-244.test-sd1.stagingus-west-2.compute.internal kubelet[3718]: Flag --feature-gates has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubern
Oct 18 00:55:20 ip-172-31-25-244.test-sd1.stagingus-west-2.compute.internal kubelet[3718]: Flag --anonymous-auth has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kuber
Oct 18 00:55:20 ip-172-31-25-244.test-sd1.stagingus-west-2.compute.internal kubelet[3718]: Flag --client-ca-file has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kuber
Oct 18 00:55:20 ip-172-31-25-244.test-sd1.stagingus-west-2.compute.internal kubelet[3718]: Flag --cluster-dns has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernet
Oct 18 00:55:20 ip-172-31-25-244.test-sd1.stagingus-west-2.compute.internal kubelet[3718]: Flag --max-pods has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.
Oct 18 00:55:20 ip-172-31-25-244.test-sd1.stagingus-west-2.compute.internal kubelet[3718]: I1018 00:55:20.085267    3718 feature_gate.go:226] feature gates: &{{} map[RotateKubeletServerCertificate:true]}

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

[micahhausler]

Thanks!

[errordeveloper]

Why this gets added here?

[nithu0115]

@errordeveloper - I saw many miss this iptables rule causing problem, hence I added it to ExecStartPre to enforce this command run every time kubelet starts and change the rule.

[errordeveloper]

Why is it part of this PR and there was no discussion about it here? Maybe a comment in the unit file would help also, but I still don't quite understand the purpose, it seems very ad-hoc and as far as I can tell redundant in the context of this AMI.

[agomez-infoblox]

I wonder if the above questions is addressed some where else?
why is the FORWARD rule to ACCEPT?