Support for Security Group specification/override
ellistarn committed Jun 23, 2021
1 parent 291e511 commit ec3e8b4
Showing 10 changed files with 229 additions and 153 deletions.
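--- a/pkg/cloudprovider/aws/ami.go
+++ b/pkg/cloudprovider/aws/ami.go
@@ -0,0 +1,51 @@
+package aws
+
+import (
+"context"
+"fmt"
+"strings"
+
+"github.com/aws/aws-sdk-go/aws"
+"github.com/aws/aws-sdk-go/service/ssm"
+"github.com/aws/aws-sdk-go/service/ssm/ssmiface"
+"github.com/patrickmn/go-cache"
+"k8s.io/client-go/kubernetes"
+)
+
+type AMIProvider struct {
+cache *cache.Cache
+ssm ssmiface.SSMAPI
+clientSet *kubernetes.Clientset
+}
+
+func NewAMIProvider(ssm ssmiface.SSMAPI, clientSet *kubernetes.Clientset) *AMIProvider {
+return &AMIProvider{
+ssm: ssm,
+clientSet: clientSet,
+cache: cache.New(CacheTTL, CacheCleanupInterval),
+}
+}
+
+func (p *AMIProvider) Get(ctx context.Context, constraints *Constraints) (string, error) {
+version, err := p.kubeServerVersion()
+if err != nil {
+return "", fmt.Errorf("kube server version, %w", err)
+}
+name := fmt.Sprintf("/aws/service/bottlerocket/aws-k8s-%s/%s/latest/image_id", version, KubeToAWSArchitectures[*constraints.Architecture])
+if id, ok := p.cache.Get(name); ok {
+return id.(string), nil
+}
+output, err := p.ssm.GetParameterWithContext(ctx, &ssm.GetParameterInput{Name: aws.String(name)})
+if err != nil {
+return "", fmt.Errorf("getting ssm parameter, %w", err)
+}
+return aws.StringValue(output.Parameter.Value), nil
+}
+
+func (p *AMIProvider) kubeServerVersion() (string, error) {
+version, err := p.clientSet.Discovery().ServerVersion()
+if err != nil {
+return "", err
+}
+return fmt.Sprintf("%s.%s", version.Major, strings.TrimSuffix(version.Minor, "+")), nil
+}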
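Review bot: `Get` looks the parameter name up in `p.cache`, but nothing in this file ever stores a result, so the lookup cannot hit and every call goes to SSM. Keep the value and cache it before returning, e.g. `id := aws.StringValue(output.Parameter.Value)` followed by `p.cache.Set(name, id, cache.DefaultExpiration)`. The same function dereferences `constraints.Architecture` and `output.Parameter` without a nil check, and an architecture missing from `KubeToAWSArchitectures` yields a parameter path with an empty segment. Because this value decides which image new nodes boot, returning an error for an unmapped architecture or an empty image id is safer than passing either on to the launch template.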
3 changes: 1 addition & 2 deletions pkg/cloudprovider/aws/cloudprovider.go
@@ -79,9 +79,8 @@ func NewCloudProvider(options cloudprovider.Options) *CloudProvider {
launchTemplateProvider: &LaunchTemplateProvider{
ec2api: ec2api,
cache: cache.New(CacheTTL, CacheCleanupInterval),
amiProvider: NewAMIProvider(ssm.New(sess), options.ClientSet),
securityGroupProvider: NewSecurityGroupProvider(ec2api),
ssm: ssm.New(sess),
clientSet: options.ClientSet,
},
subnetProvider: NewSubnetProvider(ec2api),
instanceTypeProvider: NewInstanceTypeProvider(ec2api),
46 changes: 37 additions & 9 deletions pkg/cloudprovider/aws/constraints.go
@@ -38,12 +38,16 @@ var (
LaunchTemplateVersionLabel = AWSLabelPrefix + "launch-template-version"
SubnetNameLabel = AWSLabelPrefix + "subnet-name"
SubnetTagKeyLabel = AWSLabelPrefix + "subnet-tag-key"
SecurityGroupNameLabel = AWSLabelPrefix + "security-group-name"
SecurityGroupTagKeyLabel = AWSLabelPrefix + "security-group-tag-key"
AllowedLabels = []string{
CapacityTypeLabel,
LaunchTemplateIdLabel,
LaunchTemplateVersionLabel,
SubnetNameLabel,
SubnetTagKeyLabel,
SecurityGroupNameLabel,
SecurityGroupTagKeyLabel,
}
AWSToKubeArchitectures = map[string]string{
"x86_64": v1alpha1.ArchitectureAmd64,
@@ -66,10 +70,18 @@ func (c *Constraints) GetCapacityType() string {
}

type LaunchTemplate struct {
Id *string
Version *string
Id string
Version string
}

// func (c *Constraints) GetProvisionerName() string {
// return c.Labels[v1alpha1.ProvisionerNameLabelKey]
// }

// func (c *Constraints) GetProvisionerNamespace() string {
// return c.Labels[v1alpha1.ProvisionerNamespaceLabelKey]
// }

func (c *Constraints) GetLaunchTemplate() *LaunchTemplate {
id, ok := c.Labels[LaunchTemplateIdLabel]
if !ok {
@@ -80,28 +92,44 @@ func (c *Constraints) GetLaunchTemplate() *LaunchTemplate {
version = DefaultLaunchTemplateVersion
}
return &LaunchTemplate{
Id: &id,
Version: &version,
Id: id,
Version: version,
}
}

func (c *Constraints) GetSubnetName() *string {
subnetName, ok := c.Labels[SubnetNameLabel]
name, ok := c.Labels[SubnetNameLabel]
if !ok {
return nil
}
return aws.String(subnetName)
return aws.String(name)
}

func (c *Constraints) GetSubnetTagKey() *string {
subnetTag, ok := c.Labels[SubnetTagKeyLabel]
tag, ok := c.Labels[SubnetTagKeyLabel]
if !ok {
return nil
}
return aws.String(tag)
}

func (c *Constraints) GetSecurityGroupName() *string {
name, ok := c.Labels[SecurityGroupNameLabel]
if !ok {
return nil
}
return aws.String(name)
}

func (c *Constraints) GetSecurityGroupTagKey() *string {
tag, ok := c.Labels[SecurityGroupTagKeyLabel]
if !ok {
return nil
}
return aws.String(subnetTag)
return aws.String(tag)
}

func (c *Constraints) Validate(ctx context.Context) (errs *apis.FieldError) {
func (c *Constraints) Validate(ctx context.Context) (errs *apis.FieldError) {
return errs.Also(
c.validateAllowedLabels(ctx),
c.validateCapacityType(ctx),
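Review bot: The two labels added to `AllowedLabels` let whoever populates `Constraints.Labels` pick the security groups attached to launched nodes, and nothing in the lines shown restricts their values. If those labels can come from workload specs rather than only from the cluster operator (not visible in this section), a workload could place its nodes in a more permissive group; a value check in `Validate`, whose body continues outside the section, would make that boundary explicit. At minimum document the intent on the declarations, e.g. `// SecurityGroupNameLabel and SecurityGroupTagKeyLabel select the security groups attached to launched nodes.` The commented-out `GetProvisionerName` and `GetProvisionerNamespace` blocks are dead code and are better left out of the commit.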
6 changes: 5 additions & 1 deletion pkg/cloudprovider/aws/fake/ec2api.go
@@ -123,7 +123,11 @@ func (e *EC2API) DescribeSecurityGroupsWithContext(context.Context, *ec2.Describ
if e.DescribeSecurityGroupsOutput != nil {
return e.DescribeSecurityGroupsOutput, nil
}
return &ec2.DescribeSecurityGroupsOutput{SecurityGroups: []*ec2.SecurityGroup{{GroupId: aws.String("test-group")}}}, nil
return &ec2.DescribeSecurityGroupsOutput{SecurityGroups: []*ec2.SecurityGroup{
{GroupId: aws.String("test-group-1"), Tags: []*ec2.Tag{{Key: aws.String("Name"), Value: aws.String("test-group-1")}}},
{GroupId: aws.String("test-group-1"), Tags: []*ec2.Tag{{Key: aws.String("Name"), Value: aws.String("test-group-1")}}},
{GroupId: aws.String("test-group-1"), Tags: []*ec2.Tag{{Key: aws.String("Name"), Value: aws.String("test-group-1")}}},
}}, nil
}

func (e *EC2API) DescribeAvailabilityZonesWithContext(context.Context, *ec2.DescribeAvailabilityZonesInput, ...request.Option) (*ec2.DescribeAvailabilityZonesOutput, error) {
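Review bot: The new default output lists three security groups that are identical (`test-group-1` for every `GroupId` and every `Name` tag), so a test using this fake cannot tell whether the provider selected one group, all of them, or deduplicated the result. Give the second and third entries distinct values, e.g. `GroupId: aws.String("test-group-2")` and `GroupId: aws.String("test-group-3")` with matching `Name` tag values, so that name- and tag-based selection can actually be asserted on.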
4 changes: 2 additions & 2 deletions pkg/cloudprovider/aws/instance.go
@@ -86,8 +86,8 @@ func (p *InstanceProvider) Create(ctx context.Context,
},
LaunchTemplateConfigs: []*ec2.FleetLaunchTemplateConfigRequest{{
LaunchTemplateSpecification: &ec2.FleetLaunchTemplateSpecificationRequest{
LaunchTemplateId: launchTemplate.Id,
Version: launchTemplate.Version,
LaunchTemplateId: aws.String(launchTemplate.Id),
Version: aws.String(launchTemplate.Version),
},
Overrides: overrides,
}},