Skip to content
This repository has been archived by the owner on Jan 11, 2023. It is now read-only.

Commit

Permalink
Make handling Kubernetes versions easier (#2506)
Browse files Browse the repository at this point in the history
  • Loading branch information
@jackfrancis
jackfrancis committed Mar 27, 2018
1 parent f6d8f50 commit b81ad78
Show file tree
Hide file tree
Showing 22 changed files with 899 additions and 773 deletions.
58 changes: 30 additions & 28 deletions pkg/acsengine/defaults-apiserver_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,16 @@ import (
"testing"

"github.com/Azure/acs-engine/pkg/api"
"github.com/Azure/acs-engine/pkg/api/common"
"github.com/Azure/acs-engine/pkg/helpers"
"github.com/satori/uuid"
)

const defaultTestClusterVer = "1.7.12"

func TestAPIServerConfigEnableDataEncryptionAtRest(t *testing.T) {
// Test EnableDataEncryptionAtRest = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableDataEncryptionAtRest = pointerToBool(true)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableDataEncryptionAtRest = helpers.PointerToBool(true)
setAPIServerConfig(cs)
a := cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if a["--experimental-encryption-provider-config"] != "/etc/kubernetes/encryption-config.yaml" {
Expand All @@ -20,8 +22,8 @@ func TestAPIServerConfigEnableDataEncryptionAtRest(t *testing.T) {
}

// Test EnableDataEncryptionAtRest = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableDataEncryptionAtRest = pointerToBool(false)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableDataEncryptionAtRest = helpers.PointerToBool(false)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if _, ok := a["--experimental-encryption-provider-config"]; ok {
Expand All @@ -32,7 +34,7 @@ func TestAPIServerConfigEnableDataEncryptionAtRest(t *testing.T) {

func TestAPIServerConfigEnableAggregatedAPIs(t *testing.T) {
// Test EnableAggregatedAPIs = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableAggregatedAPIs = true
setAPIServerConfig(cs)
a := cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
Expand Down Expand Up @@ -66,7 +68,7 @@ func TestAPIServerConfigEnableAggregatedAPIs(t *testing.T) {
}

// Test EnableAggregatedAPIs = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableAggregatedAPIs = false
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
Expand All @@ -82,8 +84,8 @@ func TestAPIServerConfigEnableAggregatedAPIs(t *testing.T) {

func TestAPIServerConfigUseCloudControllerManager(t *testing.T) {
// Test UseCloudControllerManager = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = pointerToBool(true)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = helpers.PointerToBool(true)
setAPIServerConfig(cs)
a := cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if _, ok := a["--cloud-provider"]; ok {
Expand All @@ -96,8 +98,8 @@ func TestAPIServerConfigUseCloudControllerManager(t *testing.T) {
}

// Test UseCloudControllerManager = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = pointerToBool(false)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = helpers.PointerToBool(false)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if a["--cloud-provider"] != "azure" {
Expand All @@ -112,7 +114,7 @@ func TestAPIServerConfigUseCloudControllerManager(t *testing.T) {

func TestAPIServerConfigHasAadProfile(t *testing.T) {
// Test HasAadProfile = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.AADProfile = &api.AADProfile{
ServerAppID: "test-id",
TenantID: "test-tenant",
Expand All @@ -137,7 +139,7 @@ func TestAPIServerConfigHasAadProfile(t *testing.T) {
}

// Test China Cloud settings
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.AADProfile = &api.AADProfile{
ServerAppID: "test-id",
TenantID: "test-tenant",
Expand All @@ -151,7 +153,7 @@ func TestAPIServerConfigHasAadProfile(t *testing.T) {
}

// Test HasAadProfile = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
for _, key := range []string{"--oidc-username-claim", "--oidc-groups-claim", "--oidc-client-id", "--oidc-issuer-url"} {
Expand All @@ -164,8 +166,8 @@ func TestAPIServerConfigHasAadProfile(t *testing.T) {

func TestAPIServerConfigEnableRbac(t *testing.T) {
// Test EnableRbac = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = pointerToBool(true)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = helpers.PointerToBool(true)
setAPIServerConfig(cs)
a := cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if a["--authorization-mode"] != "Node,RBAC" {
Expand All @@ -174,8 +176,8 @@ func TestAPIServerConfigEnableRbac(t *testing.T) {
}

// Test EnableRbac = true with 1.6 cluster
cs = createContainerService("testcluster", common.KubernetesVersion1Dot6Dot11, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = pointerToBool(true)
cs = createContainerService("testcluster", "1.6.11", 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = helpers.PointerToBool(true)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if a["--authorization-mode"] != "RBAC" {
Expand All @@ -184,8 +186,8 @@ func TestAPIServerConfigEnableRbac(t *testing.T) {
}

// Test EnableRbac = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = pointerToBool(false)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = helpers.PointerToBool(false)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if _, ok := a["--authorization-mode"]; ok {
Expand All @@ -194,8 +196,8 @@ func TestAPIServerConfigEnableRbac(t *testing.T) {
}

// Test EnableRbac = false with 1.6 cluster
cs = createContainerService("testcluster", common.KubernetesVersion1Dot6Dot11, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = pointerToBool(false)
cs = createContainerService("testcluster", "1.6.11", 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = helpers.PointerToBool(false)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if _, ok := a["--authorization-mode"]; ok {
Expand All @@ -206,8 +208,8 @@ func TestAPIServerConfigEnableRbac(t *testing.T) {

func TestAPIServerConfigEnableSecureKubelet(t *testing.T) {
// Test EnableSecureKubelet = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = pointerToBool(true)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = helpers.PointerToBool(true)
setAPIServerConfig(cs)
a := cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if a["--kubelet-client-certificate"] != "/etc/kubernetes/certs/client.crt" {
Expand All @@ -220,8 +222,8 @@ func TestAPIServerConfigEnableSecureKubelet(t *testing.T) {
}

// Test EnableSecureKubelet = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = pointerToBool(false)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = helpers.PointerToBool(false)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
for _, key := range []string{"--kubelet-client-certificate", "--kubelet-client-key"} {
Expand Down Expand Up @@ -275,8 +277,8 @@ func createContainerService(containerServiceName string, orchestratorVersion str
cs.Properties.OrchestratorProfile.OrchestratorType = api.Kubernetes
cs.Properties.OrchestratorProfile.OrchestratorVersion = orchestratorVersion
cs.Properties.OrchestratorProfile.KubernetesConfig = &api.KubernetesConfig{
EnableSecureKubelet: pointerToBool(api.DefaultSecureKubeletEnabled),
EnableRbac: pointerToBool(api.DefaultRBACEnabled),
EnableSecureKubelet: helpers.PointerToBool(api.DefaultSecureKubeletEnabled),
EnableRbac: helpers.PointerToBool(api.DefaultRBACEnabled),
EtcdDiskSizeGB: DefaultEtcdDiskSize,
ServiceCIDR: DefaultKubernetesServiceCIDR,
DockerBridgeSubnet: DefaultDockerBridgeSubnet,
Expand Down
22 changes: 11 additions & 11 deletions pkg/acsengine/defaults-kubelet_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,13 @@ package acsengine
import (
"testing"

"github.com/Azure/acs-engine/pkg/api/common"
"github.com/Azure/acs-engine/pkg/helpers"
)

func TestKubeletConfigUseCloudControllerManager(t *testing.T) {
// Test UseCloudControllerManager = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = pointerToBool(true)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = helpers.PointerToBool(true)
setKubeletConfig(cs)
k := cs.Properties.OrchestratorProfile.KubernetesConfig.KubeletConfig
if k["--cloud-provider"] != "external" {
Expand All @@ -18,8 +18,8 @@ func TestKubeletConfigUseCloudControllerManager(t *testing.T) {
}

// Test UseCloudControllerManager = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = pointerToBool(false)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = helpers.PointerToBool(false)
setKubeletConfig(cs)
k = cs.Properties.OrchestratorProfile.KubernetesConfig.KubeletConfig
if k["--cloud-provider"] != "azure" {
Expand All @@ -31,7 +31,7 @@ func TestKubeletConfigUseCloudControllerManager(t *testing.T) {

func TestKubeletConfigNetworkPolicy(t *testing.T) {
// Test NetworkPolicy = none
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.NetworkPolicy = NetworkPolicyNone
setKubeletConfig(cs)
k := cs.Properties.OrchestratorProfile.KubernetesConfig.KubeletConfig
Expand All @@ -41,7 +41,7 @@ func TestKubeletConfigNetworkPolicy(t *testing.T) {
}

// Test NetworkPolicy = azure
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.NetworkPolicy = "azure"
setKubeletConfig(cs)
k = cs.Properties.OrchestratorProfile.KubernetesConfig.KubeletConfig
Expand All @@ -54,8 +54,8 @@ func TestKubeletConfigNetworkPolicy(t *testing.T) {

func TestKubeletConfigEnableSecureKubelet(t *testing.T) {
// Test EnableSecureKubelet = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = pointerToBool(true)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = helpers.PointerToBool(true)
setKubeletConfig(cs)
k := cs.Properties.OrchestratorProfile.KubernetesConfig.KubeletConfig
if k["--anonymous-auth"] != "false" {
Expand All @@ -72,8 +72,8 @@ func TestKubeletConfigEnableSecureKubelet(t *testing.T) {
}

// Test EnableSecureKubelet = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = pointerToBool(false)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = helpers.PointerToBool(false)
setKubeletConfig(cs)
k = cs.Properties.OrchestratorProfile.KubernetesConfig.KubeletConfig
for _, key := range []string{"--anonymous-auth", "--client-ca-file"} {
Expand Down
27 changes: 11 additions & 16 deletions pkg/acsengine/defaults.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (

"github.com/Azure/acs-engine/pkg/api"
"github.com/Azure/acs-engine/pkg/api/common"
"github.com/Azure/acs-engine/pkg/helpers"
"github.com/Masterminds/semver"
)

Expand Down Expand Up @@ -179,7 +180,7 @@ var (
// DefaultTillerAddonsConfig is the default tiller Kubernetes addon Config
DefaultTillerAddonsConfig = api.KubernetesAddon{
Name: DefaultTillerAddonName,
Enabled: pointerToBool(api.DefaultTillerAddonEnabled),
Enabled: helpers.PointerToBool(api.DefaultTillerAddonEnabled),
Containers: []api.KubernetesContainerSpec{
{
Name: DefaultTillerAddonName,
Expand All @@ -197,7 +198,7 @@ var (
// DefaultACIConnectorAddonsConfig is the default ACI Connector Kubernetes addon Config
DefaultACIConnectorAddonsConfig = api.KubernetesAddon{
Name: DefaultACIConnectorAddonName,
Enabled: pointerToBool(api.DefaultACIConnectorAddonEnabled),
Enabled: helpers.PointerToBool(api.DefaultACIConnectorAddonEnabled),
Config: map[string]string{
"region": "westus",
"nodeName": "aci-connector",
Expand All @@ -218,7 +219,7 @@ var (
// DefaultDashboardAddonsConfig is the default kubernetes-dashboard addon Config
DefaultDashboardAddonsConfig = api.KubernetesAddon{
Name: DefaultDashboardAddonName,
Enabled: pointerToBool(api.DefaultDashboardAddonEnabled),
Enabled: helpers.PointerToBool(api.DefaultDashboardAddonEnabled),
Containers: []api.KubernetesContainerSpec{
{
Name: DefaultDashboardAddonName,
Expand All @@ -233,7 +234,7 @@ var (
// DefaultReschedulerAddonsConfig is the default rescheduler Kubernetes addon Config
DefaultReschedulerAddonsConfig = api.KubernetesAddon{
Name: DefaultReschedulerAddonName,
Enabled: pointerToBool(api.DefaultReschedulerAddonEnabled),
Enabled: helpers.PointerToBool(api.DefaultReschedulerAddonEnabled),
Containers: []api.KubernetesContainerSpec{
{
Name: DefaultReschedulerAddonName,
Expand All @@ -248,7 +249,7 @@ var (
// DefaultMetricsServerAddonsConfig is the default metrics-server Kubernetes addon Config
DefaultMetricsServerAddonsConfig = api.KubernetesAddon{
Name: DefaultMetricsServerAddonName,
Enabled: pointerToBool(api.DefaultMetricsServerAddonEnabled),
Enabled: helpers.PointerToBool(api.DefaultMetricsServerAddonEnabled),
Containers: []api.KubernetesContainerSpec{
{
Name: DefaultMetricsServerAddonName,
Expand Down Expand Up @@ -441,7 +442,7 @@ func setOrchestratorDefaults(cs *api.ContainerService) {
}

if o.KubernetesConfig.PrivateCluster.Enabled == nil {
o.KubernetesConfig.PrivateCluster.Enabled = pointerToBool(api.DefaultPrivateClusterEnabled)
o.KubernetesConfig.PrivateCluster.Enabled = helpers.PointerToBool(api.DefaultPrivateClusterEnabled)
}

if "" == a.OrchestratorProfile.KubernetesConfig.EtcdDiskSizeGB {
Expand All @@ -461,15 +462,15 @@ func setOrchestratorDefaults(cs *api.ContainerService) {
}

if a.OrchestratorProfile.KubernetesConfig.EnableRbac == nil {
a.OrchestratorProfile.KubernetesConfig.EnableRbac = pointerToBool(api.DefaultRBACEnabled)
a.OrchestratorProfile.KubernetesConfig.EnableRbac = helpers.PointerToBool(api.DefaultRBACEnabled)
}

if a.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet == nil {
a.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = pointerToBool(api.DefaultSecureKubeletEnabled)
a.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = helpers.PointerToBool(api.DefaultSecureKubeletEnabled)
}

if a.OrchestratorProfile.KubernetesConfig.UseInstanceMetadata == nil {
a.OrchestratorProfile.KubernetesConfig.UseInstanceMetadata = pointerToBool(api.DefaultUseInstanceMetadata)
a.OrchestratorProfile.KubernetesConfig.UseInstanceMetadata = helpers.PointerToBool(api.DefaultUseInstanceMetadata)
}

// Configure kubelet
Expand Down Expand Up @@ -833,12 +834,6 @@ func assignDefaultAddonVals(addon, defaults api.KubernetesAddon) api.KubernetesA
return addon
}

// pointerToBool returns a pointer to a bool
func pointerToBool(b bool) *bool {
p := b
return &p
}

// combine user-provided --feature-gates vals with defaults
// a minimum k8s version may be declared as required for defaults assignment
func addDefaultFeatureGates(m map[string]string, version string, minVersion string, defaults string) {
Expand Down Expand Up @@ -893,5 +888,5 @@ func enforceK8sVersionAddonOverrides(addons []api.KubernetesAddon, o *api.Orches
}

func k8sVersionMetricsServerAddonEnabled(o *api.OrchestratorProfile) *bool {
return pointerToBool(common.IsKubernetesVersionGe(o.OrchestratorVersion, "1.9.0"))
return helpers.PointerToBool(common.IsKubernetesVersionGe(o.OrchestratorVersion, "1.9.0"))
}
Loading

0 comments on commit b81ad78

Please sign in to comment.