Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extend manifests to work properly with kubeadm #22

Merged
merged 7 commits into from
Aug 20, 2024
Merged

Extend manifests to work properly with kubeadm #22

merged 7 commits into from
Aug 20, 2024

Conversation

stano45
Copy link
Owner

@stano45 stano45 commented Aug 16, 2024

Add ServiceAccount and ClusterRoleBinding to the daemonset manifest
When initializing a local single-node Kubernetes cluster with kubeadm, kube-router is not able to access certaub resources and fails to start. This PR adds a ServiceAccount and a ClusterRoleBinding to the kube-router manifest.
This manifest comes from the official kube-router repository

Add checkpoint-rbac.yaml
This allows the kubectl checkpoint plugin to create the container checkpoint.

Run curl with sudo in kubectl-checkpoint
Previously, the curl command could not access the kubelet's client certificate and key.

Update README.md with kubeadm instructions

  • Updated with specific instructions for kubeadm
  • Added instruction to apply the RBAC manifest
  • Updated the commands of step 9 to run as root
  • Added a note that the local registry is optional

@stano45
Add ServiceAccount to kube-router manifest
6562997 
When initializing a local single-node Kubernetes
cluster with kubeadm, kube-router is not able to
access certaub resources and fails to start.
This commit adds a ServiceAccount and a
ClusterRoleBinding to the kube-router manifest.
This manifest comes from the official kube-router
repository:
(daemonset/kubeadm-kuberouter-all-features.yaml).
@stano45
Add checkpoint-rbac.yaml
004ccd3 
This allows the kubectl checkpoint plugin to
create the container checkpoint.
@stano45
Run curl with sudo in kubectl-checkpoint
1862c9e 
Previously, the curl command could not access
the kubelet's client certificate and key.
@stano45
Update README.md with kubeadm instructions
0e488f0 
- Updated with specific instructions for kubeadm
- Added instruction to apply the RBAC manifest
- Updated the commands of step 9 to run as root
- Added a note that the local registry is optional
rst0git
rst0git reviewed Aug 19, 2024
View reviewed changes
examples/container_migration_in_kubernetes/manifests/checkpoint-rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: checkpoint-role
Copy link
Contributor

@rst0git rst0git Aug 19, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would you be able to add more information on how this RBAC role is used with container checkpointing?

Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I added a comment on the top of the manifest file.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like this is fixed in the following pull request:

kubernetes/kubernetes#126724
kubernetes/kubernetes#126232

@stano45 stano45 requested a review from rst0git August 20, 2024 14:51
@stano45 stano45 merged commit af59f69 into main Aug 20, 2024
2 checks passed
@stano45 stano45 deleted the kubeadm branch August 20, 2024 15:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rst0git rst0git Awaiting requested review from rst0git

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@stano45 @rst0git