Merge pull request #75139 from mtaufen/windows-kube-proxy-args

Windows kubeproxy flags cleanup

cluster/gce/util.sh

@@ -600,6 +600,7 @@ function write-linux-node-env {
 
 function write-windows-node-env {
   construct-windows-kubelet-flags
+  construct-windows-kubeproxy-flags
   build-windows-kube-env "${KUBE_TEMP}/windows-node-kube-env.yaml"
   build-kubelet-config false "windows" "${KUBE_TEMP}/windows-node-kubelet-config.yaml"
 }
@@ -871,6 +872,37 @@ function construct-windows-kubelet-flags {
   KUBELET_ARGS="${flags}"
 }
 
+function construct-windows-kubeproxy-flags {
+  local flags=""
+
+  # Use the same log level as the Kubelet during tests.
+  flags+=" ${KUBELET_TEST_LOG_LEVEL:-"--v=2"}"
+
+  # Windows uses kernelspace proxymode
+  flags+=" --proxy-mode=kernelspace"
+
+  # Configure kube-proxy to run as a windows service.
+  flags+=" --windows-service=true"
+
+  # TODO(mtaufen): Configure logging for kube-proxy running as a service.
+  # I haven't been able to figure out how to direct stdout/stderr into log
+  # files when configuring it to run via sc.exe, so we just manually
+  # override logging config here.
+  flags+=" --log-file=${WINDOWS_LOGS_DIR}\kube-proxy.log"
+
+  # klog sets this to true internally, so need to override to false
+  # so we actually log to the file
+  flags+=" --logtostderr=false"
+
+  # Configure flags with explicit empty string values. We can't escape
+  # double-quotes, because they still break sc.exe after expansion in the
+  # binPath parameter, and single-quotes get parsed as characters instead
+  # of string delimiters.
+  flags+=" --resource-container="
+
+  KUBEPROXY_ARGS="${flags}"
+}
+
 # $1: if 'true', we're rendering config for a master, else a node
 function build-kubelet-config {
   local master="$1"
@@ -1438,6 +1470,7 @@ CNI_CONFIG_DIR: $(yaml-quote ${WINDOWS_CNI_CONFIG_DIR})
 MANIFESTS_DIR: $(yaml-quote ${WINDOWS_MANIFESTS_DIR})
 PKI_DIR: $(yaml-quote ${WINDOWS_PKI_DIR})
 KUBELET_CONFIG_FILE: $(yaml-quote ${WINDOWS_KUBELET_CONFIG_FILE})
+KUBEPROXY_ARGS: $(yaml-quote ${KUBEPROXY_ARGS})
 KUBECONFIG_FILE: $(yaml-quote ${WINDOWS_KUBECONFIG_FILE})
 BOOTSTRAP_KUBECONFIG_FILE: $(yaml-quote ${WINDOWS_BOOTSTRAP_KUBECONFIG_FILE})
 KUBEPROXY_KUBECONFIG_FILE: $(yaml-quote ${WINDOWS_KUBEPROXY_KUBECONFIG_FILE})

cluster/gce/windows/k8s-node-setup.psm1

@@ -564,6 +564,7 @@ users:
 clusters:
 - name: local
   cluster:
+    server: https://APISERVER_ADDRESS
     certificate-authority-data: CA_CERT
 contexts:
 - context:
@@ -572,7 +573,8 @@ contexts:
   name: service-account-context
 current-context: service-account-context'.`
     replace('KUBEPROXY_TOKEN', ${kube_env}['KUBE_PROXY_TOKEN']).`
-    replace('CA_CERT', ${kube_env}['CA_CERT'])
+    replace('CA_CERT', ${kube_env}['CA_CERT']).`
+    replace('APISERVER_ADDRESS', ${kube_env}['KUBERNETES_MASTER_NAME'])
 
   Log-Output ("kubeproxy kubeconfig:`n" +
               "$(Get-Content -Raw ${env:KUBEPROXY_KUBECONFIG})")
@@ -934,7 +936,7 @@ function Configure-Kubelet {
 #
 # Required ${kube_env} keys:
 #   KUBELET_ARGS
-#   KUBERNETES_MASTER_NAME
+#   KUBEPROXY_ARGS
 #   CLUSTER_IP_RANGE
 function Start-WorkerServices {
   # Compute kubelet args
@@ -949,11 +951,7 @@ function Start-WorkerServices {
 
   # Compute kube-proxy args
   $kubeproxy_args_str = ${kube_env}['KUBEPROXY_ARGS']
-  Try {
+  $kubeproxy_args = $kubeproxy_args_str.Split(" ")
-    $kubeproxy_args = $kubeproxy_args_str.Split(" ")
-  } Catch {
-    $kubeproxy_args = ""
-  }
   Log-Output "kubeproxy_args from metadata: ${kubeproxy_args}"
 
   # kubeproxy is started on Linux nodes using
@@ -966,31 +964,9 @@ function Start-WorkerServices {
   #   --iptables-sync-period=1m --iptables-min-sync-period=10s
   #   --ipvs-sync-period=1m --ipvs-min-sync-period=10s
   # And also with various volumeMounts and "securityContext: privileged: true".
-  $apiserver_address = ${kube_env}['KUBERNETES_MASTER_NAME']
   $default_kubeproxy_args = @(`
-      "--v=4",
-      "--master=https://${apiserver_address}",
       "--kubeconfig=${env:KUBEPROXY_KUBECONFIG}",
-      "--proxy-mode=kernelspace",
+      "--cluster-cidr=$(${kube_env}['CLUSTER_IP_RANGE'])"
-      "--cluster-cidr=$(${kube_env}['CLUSTER_IP_RANGE'])",
-
-      # Configure kube-proxy to run as a windows service.
-      "--windows-service=true",
-
-      # TODO(mtaufen): Configure logging for kube-proxy running as a service.
-      # I haven't been able to figure out how to direct stdout/stderr into log
-      # files when configuring it to run via sc.exe, so we just manually
-      # override logging config here.
-      "--log-file=${env:LOGS_DIR}\kube-proxy.log",
-      # klog sets this to true intenrally, so need to override to false
-      # so we actually log to the file
-      "--logtostderr=false",
-
-      # Configure flags with explicit empty string values. We can't escape
-      # double-quotes, because they still break sc.exe after expansion in the
-      # binPath parameter, and single-quotes get parsed as characters instead
-      # of string delimiters.
-      "--resource-container="
   )
   $kubeproxy_args = ${default_kubeproxy_args} + ${kubeproxy_args}
   Log-Output "Final kubeproxy_args: ${kubeproxy_args}"