Skip to content

Commit d946973

Browse files
hedge-sparrowhedge-sparrow
committed
Allow updateProber to be disabled
In airgapped environments with strict network observibility the updateProber contributes additional noise to egress deny logs. By providing an option to disable it in the same way as other components we allow users of k0s in those environments to disable unwanted network egress attempts. Signed-off-by: hedge-sparrow <[email protected]>
1 parent 5f336ef commit d946973

File tree

6 files changed

+11
-7
lines changed

6 files changed

+11
-7
lines changed

cmd/controller/controller.go

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -561,10 +561,12 @@ func (c *command) start(ctx context.Context, flags *config.ControllerOptions, de
561561
Workloads: controllerMode.WorkloadsEnabled(),
562562
})
563563

564-
clusterComponents.Add(ctx, controller.NewUpdateProber(
565-
adminClientFactory,
566-
leaderElector,
567-
))
564+
if !slices.Contains(flags.DisableComponents, constant.UpdateProberComponentName) {
565+
clusterComponents.Add(ctx, controller.NewUpdateProber(
566+
adminClientFactory,
567+
leaderElector,
568+
))
569+
}
568570

569571
// Add the config source as the last component, so that the reconciliation
570572
// starts after all other components have been started.

cmd/controller/controller_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,7 @@ Flags:
5252
--data-dir string Data Directory for k0s. DO NOT CHANGE for an existing setup, things will break! (default `+defaultDataDir+`)
5353
-d, --debug Debug logging (implies verbose logging)
5454
--debugListenOn string Http listenOn for Debug pprof handler (default ":6060")
55-
--disable-components strings disable components (valid items: applier-manager,autopilot,control-api,coredns,csr-approver,endpoint-reconciler,helm,konnectivity-server,kube-controller-manager,kube-proxy,kube-scheduler,metrics-server,network-provider,node-role,system-rbac,windows-node,worker-config)
55+
--disable-components strings disable components (valid items: applier-manager,autopilot,control-api,coredns,csr-approver,endpoint-reconciler,helm,konnectivity-server,kube-controller-manager,kube-proxy,kube-scheduler,metrics-server,network-provider,node-role,system-rbac,update-prober,windows-node,worker-config)
5656
--enable-cloud-provider Whether or not to enable cloud provider support in kubelet
5757
--enable-dynamic-config enable cluster-wide dynamic config based on custom resource
5858
--enable-k0s-cloud-provider enables the k0s-cloud-provider (default false)

cmd/install/controller_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ Flags:
4646
-c, --config string config file, use '-' to read the config from stdin (default `+defaultConfigPath+`)
4747
--cri-socket string container runtime socket to use, default to internal containerd. Format: [remote|docker]:[path-to-socket]
4848
--data-dir string Data Directory for k0s. DO NOT CHANGE for an existing setup, things will break! (default `+defaultDataDir+`)
49-
--disable-components strings disable components (valid items: applier-manager,autopilot,control-api,coredns,csr-approver,endpoint-reconciler,helm,konnectivity-server,kube-controller-manager,kube-proxy,kube-scheduler,metrics-server,network-provider,node-role,system-rbac,windows-node,worker-config)
49+
--disable-components strings disable components (valid items: applier-manager,autopilot,control-api,coredns,csr-approver,endpoint-reconciler,helm,konnectivity-server,kube-controller-manager,kube-proxy,kube-scheduler,metrics-server,network-provider,node-role,system-rbac,update-prober,windows-node,worker-config)
5050
--enable-cloud-provider Whether or not to enable cloud provider support in kubelet
5151
--enable-dynamic-config enable cluster-wide dynamic config based on custom resource
5252
--enable-k0s-cloud-provider enables the k0s-cloud-provider (default false)

docs/configuration.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -583,7 +583,7 @@ they need to fulfill their need for the control plane. Disabling the system
583583
components happens through a command line flag for the controller process:
584584
585585
```text
586-
--disable-components strings disable components (valid items: applier-manager,autopilot,control-api,coredns,csr-approver,endpoint-reconciler,helm,konnectivity-server,kube-controller-manager,kube-proxy,kube-scheduler,metrics-server,network-provider,node-role,system-rbac,windows-node,worker-config)
586+
--disable-components strings disable components (valid items: applier-manager,autopilot,control-api,coredns,csr-approver,endpoint-reconciler,helm,konnectivity-server,kube-controller-manager,kube-proxy,kube-scheduler,metrics-server,network-provider,node-role,system-rbac,update-prober,windows-node,worker-config)
587587
```
588588
589589
If you use k0sctl, just add the flag when installing the cluster for the first

pkg/config/cli.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -269,6 +269,7 @@ var availableComponents = []string{
269269
constant.NetworkProviderComponentName,
270270
constant.NodeRoleComponentName,
271271
constant.SystemRBACComponentName,
272+
constant.UpdateProberComponentName,
272273
constant.WindowsNodeComponentName,
273274
constant.WorkerConfigComponentName,
274275
}

pkg/constant/constant.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -107,6 +107,7 @@ const (
107107
NodeRoleComponentName = "node-role"
108108
WindowsNodeComponentName = "windows-node"
109109
AutopilotComponentName = "autopilot"
110+
UpdateProberComponentName = "update-prober"
110111

111112
// ClusterConfigNamespace is the namespace where we expect to find the ClusterConfig CRs
112113
ClusterConfigNamespace = "kube-system"

0 commit comments

Comments
 (0)