Always create /var/lib/kubelet, even in bootstrap mode

Otherwise we end up with a circular dependency where we don't run the node-authorizer until /var/lib/kubelet has been bind-mounted, but it can't be bind-mounted until it exists. This bind-mounting happens on Google's ContainerOS, which is why it isn't always seen.
kubernetes · Mar 14, 2019 · ecbc341 · ecbc341
1 parent da89545
commit ecbc341
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/nodeup/pkg/model/kubelet.go b/nodeup/pkg/model/kubelet.go
@@ -99,6 +99,13 @@ func (b *KubeletBuilder) Build(c *fi.ModelBuilderContext) error {
 		}
 	}
 	{
+		// We always create the directory, avoids circular dependency on a bind-mount
+		c.AddTask(&nodetasks.File{
+			Path: filepath.Dir(b.KubeletKubeConfig()),
+			Type: nodetasks.FileType_Directory,
+			Mode: s("0755"),
+		})
+
 		// @check if bootstrap tokens are enabled and create the appropreiate certificates
 		if b.UseBootstrapTokens() {
 			// @check if a master and if so, we bypass the token strapping and instead generate our own kubeconfig