From 2d54b2b0486fe1d07bfdd93656452584d82d3595 Mon Sep 17 00:00:00 2001
From: Tristan Gosselin-Hane
Date: Fri, 30 Aug 2024 22:17:00 -0400
Subject: [PATCH] nixos/kubernetes: allow setting multiple kubelet dns resolvers

The current kubernetes module only allows you to set a single DNS resolver for the kubelet. Historically, this has not mattered as the value was passed to a cli argument as a string and as per the kubelet's configuration parsing mechanism, multiple values could be passed as a comma-delimited string. However, recently, the module was refactored to make configure kubernetes components via configuration files rather than the deprecated command-line arguments. These files more strongly-typed than CLI arguments and to pass multiple values, one must define a list in the file. When this change was made, an incorrect assumption was made that only a single DNS server could be specified and forced a single-item list into this configuration file. We need to introduce a breaking change to the module in order to allow the user to supply their own list with however many dns resolvers they wish to use.
---
 nixos/doc/manual/release-notes/rl-2411.section.md | 2 ++
 nixos/modules/services/cluster/kubernetes/kubelet.nix | 6 +++---
 2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/nixos/doc/manual/release-notes/rl-2411.section.md b/nixos/doc/manual/release-notes/rl-2411.section.md
index 02b34eed060c..f5a00abd3973 100644
--- a/nixos/doc/manual/release-notes/rl-2411.section.md
+++ b/nixos/doc/manual/release-notes/rl-2411.section.md
@@ -119,6 +119,8 @@
 - `grafana` has been updated to version 11.1. This version doesn't support setting `http_addr` to a hostname anymore, an IP address is expected.
+- `services.kubernetes.kubelet.clusterDns` now accepts a list of DNS resolvers rather than a single string, bringing the module more in line with the upstream Kubelet configuration schema.
+
 - `wstunnel` has had a major version upgrade that entailed rewriting the program in Rust. The module was updated to accommodate for breaking changes. Breaking changes to the module API were minimised as much as possible,
diff --git a/nixos/modules/services/cluster/kubernetes/kubelet.nix b/nixos/modules/services/cluster/kubernetes/kubelet.nix
index fd9df556e7ec..cdbda5fc62f9 100644
--- a/nixos/modules/services/cluster/kubernetes/kubelet.nix
+++ b/nixos/modules/services/cluster/kubernetes/kubelet.nix
@@ -64,7 +64,7 @@ let
 } // lib.optionalAttrs (cfg.tlsCertFile != null) { tlsCertFile = cfg.tlsCertFile; }
 // lib.optionalAttrs (cfg.tlsKeyFile != null) { tlsPrivateKeyFile = cfg.tlsKeyFile; }
 // lib.optionalAttrs (cfg.clusterDomain != "") { clusterDomain = cfg.clusterDomain; }
- // lib.optionalAttrs (cfg.clusterDns != "") { clusterDNS = [ cfg.clusterDns ] ; }
+ // lib.optionalAttrs (cfg.clusterDns != []) { clusterDNS = cfg.clusterDns; }
 // lib.optionalAttrs (cfg.featureGates != {}) { featureGates = cfg.featureGates; }
 ));
@@ -112,8 +112,8 @@ in
 clusterDns = mkOption {
 description = "Use alternative DNS.";
- default = "10.1.0.1";
- type = str;
+ default = [ "10.1.0.1" ];
+ type = listOf str;
 };
 clusterDomain = mkOption {
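Review bot: Nothing at the `cfg.clusterDns != []` guard in the kubelet.nix config builder says what an empty list means at runtime, even though it drops the `clusterDNS` key from the generated kubelet configuration entirely. As far as I know the kubelet then falls back to the node's own resolver for pods that ask for cluster DNS and reports it only as a `MissingClusterDNS` warning event, so the misconfiguration is easy to miss. A comment above the line would make this explicit, e.g. `# [] omits clusterDNS: pods then resolve through the node's resolv.conf, not the cluster resolver`. The enclosing `let` expression starts and ends outside the hunk.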
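Review bot: With `type = listOf str;` in the `clusterDns` option, any existing `clusterDns = "10.1.0.1";` assignment now fails evaluation with a generic type error, and the unchanged description `Use alternative DNS.` gives no hint of the new shape. The patch touches only this module and the release notes, so other in-tree assignments of `services.kubernetes.kubelet.clusterDns` (not visible here) should be checked for string values. If the break can be avoided, `type = coercedTo str lib.singleton (listOf str);` would keep single-string configs evaluating, assuming `coercedTo` is in scope the same way `listOf` is; otherwise extend the description, e.g. `description = "List of DNS server IP addresses the kubelet hands to pods that use cluster DNS.";`, and add an `example`. Each entry ends up in the resolver configuration of every such pod, and `str` does not check that it is an IP address, which the upstream field expects.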