Does KubeadmConfigTemplate support kubeproxy configuration

[xagent003]

What steps did you take and what happened?

KudeAdm supports various configuration resources: https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/control-plane-flags/#customizing-kube-proxy

Customizing kube-proxy
To customize kube-proxy you can pass a KubeProxyConfiguration next your ClusterConfiguration or InitConfiguration to kubeadm init separated by ---.

You can see there is a InitConfiguration, ClusterCOnfiguration, Join Configuration, as well as a KubeletConfiguration and KubeProxyConfiguration: https://kubernetes.io/docs/reference/config-api/kubeadm-config.v1beta3/

But when I look at the definition for KubeadmConfigTemplate, only Init/Join/Cluster Configuration is supported:

cluster-api/bootstrap/kubeadm/api/v1beta1/kubeadmconfig_types.go

Line 53 in 22ec35e

type KubeadmConfigSpec struct {

How do we go about configuring kube-proxy with CAPI?

What did you expect to happen?

Allow specifying KubeProxyConfiguration in the KubeadmConfigTemplate

Cluster API version

1.5.3

Kubernetes version

1.26

Anything else you would like to add?

No response

Label(s) to be applied

/kind bug
One or more /area label. See https://github.com/kubernetes-sigs/cluster-api/labels?q=area for the list of labels.

[k8s-ci-robot]

This issue is currently awaiting triage.

CAPI contributors will take a look as soon as possible, apply one of the triage/* labels and provide further guidance.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[neolit123]

/remove-kind bug
/kind support
kubelet and kube-proxy config are not supported by CAPI.

#1584

i think the suggested approach is to skip kubeproxy as a kubeadm addon and manage it yourself.

#3700
#4512

i think there was a way to skip the kubeadm addons with an annotation, but i can't find where are the docs for that (currently on mobile)

[chrischdi]

There is: controlplane.cluster.x-k8s.io/skip-kube-proxy which can be set at the KubeadmControlPlane object.

see: https://cluster-api.sigs.k8s.io/reference/labels_and_annotations

[chrischdi]

xref: #3700 (comment)

The annotation only makes capi not handle upgrades for kube-proxy anymore. You would still need to configure kubeadm to skip deploying it or use preKubeadmCommands to adjust things to make the kubeadm way of adding the additional configuration (which I think is very hacky).

Other previous issues about this topic:

• Allow management of KubeProxy configuration in CAPI #4512
• KCP: support pluggable proxy providers #3700

[fabriziopandini]

/close

Answer have been provided, no further feedback

[k8s-ci-robot]

@fabriziopandini: Closing this issue.

In response to this:

/close

Answer have been provided, no further feedback

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[xagent003]

There is: controlplane.cluster.x-k8s.io/skip-kube-proxy which can be set at the KubeadmControlPlane object.

see: https://cluster-api.sigs.k8s.io/reference/labels_and_annotations

I don't want to skip kube-proxy configuration. I want to be able to configure it. KubeAdm allows it. So why doesn't CAPI which uses kubeadm do the same?

[chrischdi]

Hacky but works:

You could add the kube-proxy config as a file, e.g.:

---
THE CONFIG

And have a pre-kubeadmcommand adding it to the kubeadm config file for kubeadm init:

test -e "/run/kubeadm/kubeadm.yaml" && cat /the/config-file >> /run/kubeadm/kubeadm.yaml