Kubeadm: Tracking issue for Certificates copy for join --control-plane
This is the tracking issue for the implementation of Certificates copy for join --control-plane, original issue here. Help is welcome! If you want to pick up some help wanted activity just write it in a comment; "on hold" means the activity should wait for some predecessor before being actively worked
Certificates copy workflow
- [x] https://github.com/kubernetes/kubeadm/issues/1374 Upload encrypted certs on init (@yagonobre https://github.com/kubernetes/kubernetes/pull/73907)
- [x] https://github.com/kubernetes/kubeadm/issues/1407 Use encrypted certs on join (@ereslibre https://github.com/kubernetes/kubernetes/pull/74168)
- [x] https://github.com/kubernetes/kubeadm/issues/1408 Alllow user to provide the certificate key on upload-certs (@yagonobre https://github.com/kubernetes/kubernetes/pull/74671)
- [ ] Periodic test in test-grid
- [x] Make kind support multi control-plane without upload certs (@fabriziopandini https://github.com/kubernetes-sigs/kind/pull/233 https://github.com/kubernetes-sigs/kind/pull/164 https://github.com/kubernetes-sigs/kind/pull/147 https://github.com/kubernetes-sigs/kind/pull/143 https://github.com/kubernetes-sigs/kind/pull/137)
- [x] kinder test utils (@neolit123/@fabriziopandini)
- [x] Write a minimal e2e deployer for kinder in the kubeadm repo (@neolit123/@fabriziopandini)
- [ ] Periodic job for multi control-plane without upload certs (@neolit123)
- [x] Make kinder support upload certs (@neolit123/@fabriziopandini)
- [ ] Periodic job for multi control-plane with upload certs (on hold/@neolit123)
Other HA Improvements
- [x] Improve init completion message for HA (@fabriziopandini https://github.com/kubernetes/kubernetes/pull/75420)
- [ ] Join control-plane improvements
- [x] Pre pull images (@MalloZup https://github.com/kubernetes/kubernetes/pull/72870 )
- [x] SANS validation (@ereslibre https://github.com/kubernetes/kubernetes/pull/73093)
- [x] Wait for etcd joining the new member (@ereslibre https://github.com/kubernetes/kubernetes/pull/72984)
- [ ] Rename
--experimental-control-planeinto--control-plane(on hold/moved to v1.15/@yuexiao-wang)
- [ ] Upgrade improvements
- [ ] https://github.com/kubernetes/kubeadm/issues/1071 merge
kubeadm upgrade node experimental-control-planeintokubeadm upgrade node(on hold/moved to v1.15 @yuexiao-wang)
- [ ] https://github.com/kubernetes/kubeadm/issues/1071 merge
- [x] Reset improvements
- [x] https://github.com/kubernetes/kubeadm/issues/1312 Remove control-plane nodes from ClusterStatus (@neolit123 https://github.com/kubernetes/kubernetes/pull/75082)
- [x] https://github.com/kubernetes/kubeadm/issues/1211 Remove etcd members from the etcd cluster (@pytimer https://github.com/kubernetes/kubernetes/pull/74112)
Docs
- [x] https://kubernetes.io/docs/setup/independent/high-availability/ v1.14 edition (@neolit123 https://github.com/kubernetes/website/pull/13191)
Nice to have
- [x] E2E test cases for
ClusterStatusmanagement in thekubeadm-configconfig-map (@fabriziopandini
https://github.com/kubernetes/kubernetes/pull/75641) - [x] E2E test cases for
kubeadm-certssecret (@fabriziopandini https://github.com/kubernetes/kubernetes/pull/75641) - [ ] Periodic jobs for HA upgrades, For Add/Remove control-plane nodes etc. (on hold/help wanted)
fabriziopandini
All 14 comments
added myself to a couple of items.
neolit123
on 30 Jan 2019
I can take
#1374 Upload encrypted certs on init (help wanted)
~Use encrypted certs on join (on hold/help wanted)~
yagonobre
on 30 Jan 2019
I can take Use encrypted certs on join
@yagonobre I see that on your comment you are taking both, is that intended? Otherwise I can take a different one if you prefer to do both.
ereslibre
on 30 Jan 2019
@ereslibre feel free to take this :)
I can take Make kind support upload certs.
yagonobre
on 30 Jan 2019
I can take Rename --experimental-control-plane into --control-plane
yuexiao-wang
on 31 Jan 2019
I will work on #1071 merge kubeadm upgrade node experimental-control-plane into kubeadm upgrade node (help wanted)
yuexiao-wang
on 31 Jan 2019
/assign
yagonobre
on 5 Feb 2019
@yuexiao-wang please sync with @MalloZup because he was interested in #1071 merge kubeadm upgrade node experimental-control-plane into kubeadm upgrade node (help wanted) too
fabriziopandini
on 5 Feb 2019
@fabriziopandini I will take it #1071 this week after talking with @MalloZup
yuexiao-wang
on 5 Feb 2019
@fabriziopandini I can take the #1211 if the remove etcd members can be added to the reset process.
pytimer
on 7 Feb 2019
@pytimer awesome, thanks!
fabriziopandini
on 7 Feb 2019
yagonobre
on 13 Feb 2019
moving to 1.15 to not confuse the release team.
neolit123
on 7 Mar 2019
moving the remaing items to https://github.com/kubernetes/kubeadm/issues/1567
Thanks to all for helping in this effor
fabriziopandini
on 15 May 2019
Related issues
chuckha
路
3Comments
luxas
路
3Comments
cnmade
路
4Comments
ggaaooppeenngg
路
4Comments
ggee
路
4Comments
Most helpful comment
I can take
Use encrypted certs on join@yagonobre I see that on your comment you are taking both, is that intended? Otherwise I can take a different one if you prefer to do both.