Skip to content
This repository has been archived by the owner on Jan 11, 2023. It is now read-only.

Make handling Kubernetes versions easier #2506

Merged
merged 7 commits into from
Mar 23, 2018
Merged

Make handling Kubernetes versions easier #2506

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
a248dd4
now with fewer consts!
jackfrancis Mar 21, 2018
42da2e2
generalize KubeConfigs
jackfrancis Mar 21, 2018
0755d74
these are not consts
jackfrancis Mar 21, 2018
813b5d4
copy/paste errata
jackfrancis Mar 21, 2018
2abe2ca
no more static orchestrator version num validations!
jackfrancis Mar 22, 2018
98302b7
whoops we have a straggler here
jackfrancis Mar 22, 2018
be81858
fix comment
jackfrancis Mar 23, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 30 additions & 28 deletions pkg/acsengine/defaults-apiserver_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,16 @@ import (
"testing"

"github.com/Azure/acs-engine/pkg/api"
"github.com/Azure/acs-engine/pkg/api/common"
"github.com/Azure/acs-engine/pkg/helpers"
"github.com/satori/uuid"
)

const defaultTestClusterVer = "1.7.12"

func TestAPIServerConfigEnableDataEncryptionAtRest(t *testing.T) {
// Test EnableDataEncryptionAtRest = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableDataEncryptionAtRest = pointerToBool(true)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableDataEncryptionAtRest = helpers.PointerToBool(true)
setAPIServerConfig(cs)
a := cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if a["--experimental-encryption-provider-config"] != "/etc/kubernetes/encryption-config.yaml" {
Expand All @@ -20,8 +22,8 @@ func TestAPIServerConfigEnableDataEncryptionAtRest(t *testing.T) {
}

// Test EnableDataEncryptionAtRest = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableDataEncryptionAtRest = pointerToBool(false)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableDataEncryptionAtRest = helpers.PointerToBool(false)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if _, ok := a["--experimental-encryption-provider-config"]; ok {
Expand All @@ -32,7 +34,7 @@ func TestAPIServerConfigEnableDataEncryptionAtRest(t *testing.T) {

func TestAPIServerConfigEnableAggregatedAPIs(t *testing.T) {
// Test EnableAggregatedAPIs = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableAggregatedAPIs = true
setAPIServerConfig(cs)
a := cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
Expand Down Expand Up @@ -66,7 +68,7 @@ func TestAPIServerConfigEnableAggregatedAPIs(t *testing.T) {
}

// Test EnableAggregatedAPIs = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableAggregatedAPIs = false
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
Expand All @@ -82,8 +84,8 @@ func TestAPIServerConfigEnableAggregatedAPIs(t *testing.T) {

func TestAPIServerConfigUseCloudControllerManager(t *testing.T) {
// Test UseCloudControllerManager = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = pointerToBool(true)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = helpers.PointerToBool(true)
setAPIServerConfig(cs)
a := cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if _, ok := a["--cloud-provider"]; ok {
Expand All @@ -96,8 +98,8 @@ func TestAPIServerConfigUseCloudControllerManager(t *testing.T) {
}

// Test UseCloudControllerManager = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = pointerToBool(false)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = helpers.PointerToBool(false)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if a["--cloud-provider"] != "azure" {
Expand All @@ -112,7 +114,7 @@ func TestAPIServerConfigUseCloudControllerManager(t *testing.T) {

func TestAPIServerConfigHasAadProfile(t *testing.T) {
// Test HasAadProfile = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.AADProfile = &api.AADProfile{
ServerAppID: "test-id",
TenantID: "test-tenant",
Expand All @@ -137,7 +139,7 @@ func TestAPIServerConfigHasAadProfile(t *testing.T) {
}

// Test China Cloud settings
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.AADProfile = &api.AADProfile{
ServerAppID: "test-id",
TenantID: "test-tenant",
Expand All @@ -151,7 +153,7 @@ func TestAPIServerConfigHasAadProfile(t *testing.T) {
}

// Test HasAadProfile = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
for _, key := range []string{"--oidc-username-claim", "--oidc-groups-claim", "--oidc-client-id", "--oidc-issuer-url"} {
Expand All @@ -164,8 +166,8 @@ func TestAPIServerConfigHasAadProfile(t *testing.T) {

func TestAPIServerConfigEnableRbac(t *testing.T) {
// Test EnableRbac = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = pointerToBool(true)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = helpers.PointerToBool(true)
setAPIServerConfig(cs)
a := cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if a["--authorization-mode"] != "Node,RBAC" {
Expand All @@ -174,8 +176,8 @@ func TestAPIServerConfigEnableRbac(t *testing.T) {
}

// Test EnableRbac = true with 1.6 cluster
cs = createContainerService("testcluster", common.KubernetesVersion1Dot6Dot11, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = pointerToBool(true)
cs = createContainerService("testcluster", "1.6.11", 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = helpers.PointerToBool(true)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if a["--authorization-mode"] != "RBAC" {
Expand All @@ -184,8 +186,8 @@ func TestAPIServerConfigEnableRbac(t *testing.T) {
}

// Test EnableRbac = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = pointerToBool(false)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = helpers.PointerToBool(false)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if _, ok := a["--authorization-mode"]; ok {
Expand All @@ -194,8 +196,8 @@ func TestAPIServerConfigEnableRbac(t *testing.T) {
}

// Test EnableRbac = false with 1.6 cluster
cs = createContainerService("testcluster", common.KubernetesVersion1Dot6Dot11, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = pointerToBool(false)
cs = createContainerService("testcluster", "1.6.11", 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableRbac = helpers.PointerToBool(false)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if _, ok := a["--authorization-mode"]; ok {
Expand All @@ -206,8 +208,8 @@ func TestAPIServerConfigEnableRbac(t *testing.T) {

func TestAPIServerConfigEnableSecureKubelet(t *testing.T) {
// Test EnableSecureKubelet = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = pointerToBool(true)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = helpers.PointerToBool(true)
setAPIServerConfig(cs)
a := cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
if a["--kubelet-client-certificate"] != "/etc/kubernetes/certs/client.crt" {
Expand All @@ -220,8 +222,8 @@ func TestAPIServerConfigEnableSecureKubelet(t *testing.T) {
}

// Test EnableSecureKubelet = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = pointerToBool(false)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = helpers.PointerToBool(false)
setAPIServerConfig(cs)
a = cs.Properties.OrchestratorProfile.KubernetesConfig.APIServerConfig
for _, key := range []string{"--kubelet-client-certificate", "--kubelet-client-key"} {
Expand Down Expand Up @@ -275,8 +277,8 @@ func createContainerService(containerServiceName string, orchestratorVersion str
cs.Properties.OrchestratorProfile.OrchestratorType = api.Kubernetes
cs.Properties.OrchestratorProfile.OrchestratorVersion = orchestratorVersion
cs.Properties.OrchestratorProfile.KubernetesConfig = &api.KubernetesConfig{
EnableSecureKubelet: pointerToBool(api.DefaultSecureKubeletEnabled),
EnableRbac: pointerToBool(api.DefaultRBACEnabled),
EnableSecureKubelet: helpers.PointerToBool(api.DefaultSecureKubeletEnabled),
EnableRbac: helpers.PointerToBool(api.DefaultRBACEnabled),
EtcdDiskSizeGB: DefaultEtcdDiskSize,
ServiceCIDR: DefaultKubernetesServiceCIDR,
DockerBridgeSubnet: DefaultDockerBridgeSubnet,
Expand Down
22 changes: 11 additions & 11 deletions pkg/acsengine/defaults-kubelet_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,13 @@ package acsengine
import (
"testing"

"github.com/Azure/acs-engine/pkg/api/common"
"github.com/Azure/acs-engine/pkg/helpers"
)

func TestKubeletConfigUseCloudControllerManager(t *testing.T) {
// Test UseCloudControllerManager = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = pointerToBool(true)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = helpers.PointerToBool(true)
setKubeletConfig(cs)
k := cs.Properties.OrchestratorProfile.KubernetesConfig.KubeletConfig
if k["--cloud-provider"] != "external" {
Expand All @@ -18,8 +18,8 @@ func TestKubeletConfigUseCloudControllerManager(t *testing.T) {
}

// Test UseCloudControllerManager = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = pointerToBool(false)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.UseCloudControllerManager = helpers.PointerToBool(false)
setKubeletConfig(cs)
k = cs.Properties.OrchestratorProfile.KubernetesConfig.KubeletConfig
if k["--cloud-provider"] != "azure" {
Expand All @@ -31,7 +31,7 @@ func TestKubeletConfigUseCloudControllerManager(t *testing.T) {

func TestKubeletConfigNetworkPolicy(t *testing.T) {
// Test NetworkPolicy = none
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.NetworkPolicy = NetworkPolicyNone
setKubeletConfig(cs)
k := cs.Properties.OrchestratorProfile.KubernetesConfig.KubeletConfig
Expand All @@ -41,7 +41,7 @@ func TestKubeletConfigNetworkPolicy(t *testing.T) {
}

// Test NetworkPolicy = azure
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.NetworkPolicy = "azure"
setKubeletConfig(cs)
k = cs.Properties.OrchestratorProfile.KubernetesConfig.KubeletConfig
Expand All @@ -54,8 +54,8 @@ func TestKubeletConfigNetworkPolicy(t *testing.T) {

func TestKubeletConfigEnableSecureKubelet(t *testing.T) {
// Test EnableSecureKubelet = true
cs := createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = pointerToBool(true)
cs := createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = helpers.PointerToBool(true)
setKubeletConfig(cs)
k := cs.Properties.OrchestratorProfile.KubernetesConfig.KubeletConfig
if k["--anonymous-auth"] != "false" {
Expand All @@ -72,8 +72,8 @@ func TestKubeletConfigEnableSecureKubelet(t *testing.T) {
}

// Test EnableSecureKubelet = false
cs = createContainerService("testcluster", common.KubernetesVersion1Dot7Dot12, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = pointerToBool(false)
cs = createContainerService("testcluster", defaultTestClusterVer, 3, 2)
cs.Properties.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = helpers.PointerToBool(false)
setKubeletConfig(cs)
k = cs.Properties.OrchestratorProfile.KubernetesConfig.KubeletConfig
for _, key := range []string{"--anonymous-auth", "--client-ca-file"} {
Expand Down
27 changes: 11 additions & 16 deletions pkg/acsengine/defaults.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (

"github.com/Azure/acs-engine/pkg/api"
"github.com/Azure/acs-engine/pkg/api/common"
"github.com/Azure/acs-engine/pkg/helpers"
"github.com/Masterminds/semver"
)

Expand Down Expand Up @@ -179,7 +180,7 @@ var (
// DefaultTillerAddonsConfig is the default tiller Kubernetes addon Config
DefaultTillerAddonsConfig = api.KubernetesAddon{
Name: DefaultTillerAddonName,
Enabled: pointerToBool(api.DefaultTillerAddonEnabled),
Enabled: helpers.PointerToBool(api.DefaultTillerAddonEnabled),
Containers: []api.KubernetesContainerSpec{
{
Name: DefaultTillerAddonName,
Expand All @@ -197,7 +198,7 @@ var (
// DefaultACIConnectorAddonsConfig is the default ACI Connector Kubernetes addon Config
DefaultACIConnectorAddonsConfig = api.KubernetesAddon{
Name: DefaultACIConnectorAddonName,
Enabled: pointerToBool(api.DefaultACIConnectorAddonEnabled),
Enabled: helpers.PointerToBool(api.DefaultACIConnectorAddonEnabled),
Config: map[string]string{
"region": "westus",
"nodeName": "aci-connector",
Expand All @@ -218,7 +219,7 @@ var (
// DefaultDashboardAddonsConfig is the default kubernetes-dashboard addon Config
DefaultDashboardAddonsConfig = api.KubernetesAddon{
Name: DefaultDashboardAddonName,
Enabled: pointerToBool(api.DefaultDashboardAddonEnabled),
Enabled: helpers.PointerToBool(api.DefaultDashboardAddonEnabled),
Containers: []api.KubernetesContainerSpec{
{
Name: DefaultDashboardAddonName,
Expand All @@ -233,7 +234,7 @@ var (
// DefaultReschedulerAddonsConfig is the default rescheduler Kubernetes addon Config
DefaultReschedulerAddonsConfig = api.KubernetesAddon{
Name: DefaultReschedulerAddonName,
Enabled: pointerToBool(api.DefaultReschedulerAddonEnabled),
Enabled: helpers.PointerToBool(api.DefaultReschedulerAddonEnabled),
Containers: []api.KubernetesContainerSpec{
{
Name: DefaultReschedulerAddonName,
Expand All @@ -248,7 +249,7 @@ var (
// DefaultMetricsServerAddonsConfig is the default metrics-server Kubernetes addon Config
DefaultMetricsServerAddonsConfig = api.KubernetesAddon{
Name: DefaultMetricsServerAddonName,
Enabled: pointerToBool(api.DefaultMetricsServerAddonEnabled),
Enabled: helpers.PointerToBool(api.DefaultMetricsServerAddonEnabled),
Containers: []api.KubernetesContainerSpec{
{
Name: DefaultMetricsServerAddonName,
Expand Down Expand Up @@ -441,7 +442,7 @@ func setOrchestratorDefaults(cs *api.ContainerService) {
}

if o.KubernetesConfig.PrivateCluster.Enabled == nil {
o.KubernetesConfig.PrivateCluster.Enabled = pointerToBool(api.DefaultPrivateClusterEnabled)
o.KubernetesConfig.PrivateCluster.Enabled = helpers.PointerToBool(api.DefaultPrivateClusterEnabled)
}

if "" == a.OrchestratorProfile.KubernetesConfig.EtcdDiskSizeGB {
Expand All @@ -461,15 +462,15 @@ func setOrchestratorDefaults(cs *api.ContainerService) {
}

if a.OrchestratorProfile.KubernetesConfig.EnableRbac == nil {
a.OrchestratorProfile.KubernetesConfig.EnableRbac = pointerToBool(api.DefaultRBACEnabled)
a.OrchestratorProfile.KubernetesConfig.EnableRbac = helpers.PointerToBool(api.DefaultRBACEnabled)
}

if a.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet == nil {
a.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = pointerToBool(api.DefaultSecureKubeletEnabled)
a.OrchestratorProfile.KubernetesConfig.EnableSecureKubelet = helpers.PointerToBool(api.DefaultSecureKubeletEnabled)
}

if a.OrchestratorProfile.KubernetesConfig.UseInstanceMetadata == nil {
a.OrchestratorProfile.KubernetesConfig.UseInstanceMetadata = pointerToBool(api.DefaultUseInstanceMetadata)
a.OrchestratorProfile.KubernetesConfig.UseInstanceMetadata = helpers.PointerToBool(api.DefaultUseInstanceMetadata)
}

// Configure kubelet
Expand Down Expand Up @@ -833,12 +834,6 @@ func assignDefaultAddonVals(addon, defaults api.KubernetesAddon) api.KubernetesA
return addon
}

// pointerToBool returns a pointer to a bool
func pointerToBool(b bool) *bool {
p := b
return &p
}

// combine user-provided --feature-gates vals with defaults
// a minimum k8s version may be declared as required for defaults assignment
func addDefaultFeatureGates(m map[string]string, version string, minVersion string, defaults string) {
Expand Down Expand Up @@ -893,5 +888,5 @@ func enforceK8sVersionAddonOverrides(addons []api.KubernetesAddon, o *api.Orches
}

func k8sVersionMetricsServerAddonEnabled(o *api.OrchestratorProfile) *bool {
return pointerToBool(common.IsKubernetesVersionGe(o.OrchestratorVersion, "1.9.0"))
return helpers.PointerToBool(common.IsKubernetesVersionGe(o.OrchestratorVersion, "1.9.0"))
}
Loading