-
Notifications
You must be signed in to change notification settings - Fork 983
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AMIFamily Defaulting and Validation #1296
Changes from 4 commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -106,20 +106,14 @@ func (p *LaunchTemplateProvider) Get(ctx context.Context, constraints *v1alpha1. | |
} | ||
// Construct launch templates | ||
launchTemplates := map[string][]cloudprovider.InstanceType{} | ||
caBundle, err := p.GetCABundle(ctx) | ||
if err != nil { | ||
return nil, fmt.Errorf("getting ca bundle for user data, %w", err) | ||
} | ||
for amiID, instanceTypes := range amis { | ||
// Get userData for Node | ||
var userData string | ||
if constraints.AMIFamily != nil { | ||
if strings.EqualFold(*constraints.AMIFamily, v1alpha1.OperatingSystemBottleRocket) { | ||
userData, err = p.getBottleRocketUserData(ctx, constraints, additionalLabels) | ||
} else if strings.EqualFold(*constraints.AMIFamily, v1alpha1.OperatingSystemEKSOptimized) { | ||
userData, err = p.getEKSOptimizedUserData(ctx, constraints, instanceTypes, additionalLabels) | ||
} else { | ||
logging.FromContext(ctx).Warnf("AMIFamily was set, but was not one of %s or %s. Setting to %s as the default.", v1alpha1.OperatingSystemEKSOptimized, v1alpha1.OperatingSystemBottleRocket, v1alpha1.OperatingSystemEKSOptimized) | ||
userData, err = p.getEKSOptimizedUserData(ctx, constraints, instanceTypes, additionalLabels) | ||
} | ||
} else { | ||
userData, err = p.getEKSOptimizedUserData(ctx, constraints, instanceTypes, additionalLabels) | ||
userData := p.getEKSOptimizedUserData(ctx, constraints, instanceTypes, additionalLabels, caBundle) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. totally minor, but if you factored this out into a function, you could use the same return pattern used in the ami logic and keep this core Get() function as simple as possible. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. How's this? |
||
if aws.StringValue(constraints.AMIFamily) == v1alpha1.AMIFamilyBottlerocket { | ||
userData = p.getBottlerocketUserData(ctx, constraints, additionalLabels, caBundle) | ||
} | ||
if err != nil { | ||
bwagner5 marked this conversation as resolved.
Show resolved
Hide resolved
|
||
return nil, err | ||
|
@@ -252,52 +246,35 @@ func sortedKeys(m map[string]string) []string { | |
return keys | ||
} | ||
|
||
func (p *LaunchTemplateProvider) getBottleRocketUserData(ctx context.Context, constraints *v1alpha1.Constraints, additionalLabels map[string]string) (string, error) { | ||
var userData string | ||
userData += fmt.Sprintf(`[settings.kubernetes] | ||
cluster-name = "%s" | ||
api-server = "%s" | ||
`, | ||
injection.GetOptions(ctx).ClusterName, | ||
injection.GetOptions(ctx).ClusterEndpoint) | ||
|
||
func (p *LaunchTemplateProvider) getBottlerocketUserData(ctx context.Context, constraints *v1alpha1.Constraints, additionalLabels map[string]string, caBundle *string) string { | ||
userData := fmt.Sprintf("[settings.kubernetes]\ncluster-name = \"%s\"\napi-server = \"%s\"\n", injection.GetOptions(ctx).ClusterName, injection.GetOptions(ctx).ClusterEndpoint) | ||
if constraints.KubeletConfiguration.ClusterDNS != nil { | ||
userData += fmt.Sprintf("cluster-dns-ip = \"%s\"", constraints.KubeletConfiguration.ClusterDNS) | ||
} | ||
|
||
caBundle, err := p.GetCABundle(ctx) | ||
if err != nil { | ||
return "", fmt.Errorf("getting ca bundle for user data, %w", err) | ||
userData += fmt.Sprintf("cluster-dns-ip = \"%s\"\n", constraints.KubeletConfiguration.ClusterDNS) | ||
} | ||
if caBundle != nil { | ||
userData += fmt.Sprintf("cluster-certificate = \"%s\"\n", *caBundle) | ||
} | ||
|
||
nodeLabelArgs := functional.UnionStringMaps(additionalLabels, constraints.Labels) | ||
if len(nodeLabelArgs) > 0 { | ||
userData += `[settings.kubernetes.node-labels] | ||
` | ||
userData += "[settings.kubernetes.node-labels]\n" | ||
for key, val := range nodeLabelArgs { | ||
userData += fmt.Sprintf("\"%s\" = \"%s\"", key, val) | ||
userData += fmt.Sprintf("\"%s\" = \"%s\"\n", key, val) | ||
} | ||
} | ||
|
||
if len(constraints.Taints) > 0 { | ||
userData += `[settings.kubernetes.node-taints] | ||
` | ||
userData += "[settings.kubernetes.node-taints]\n" | ||
sorted := sortedTaints(constraints.Taints) | ||
for _, taint := range sorted { | ||
userData += fmt.Sprintf("%s=%s:%s", taint.Key, taint.Value, taint.Effect) | ||
userData += fmt.Sprintf("%s=%s:%s\n", taint.Key, taint.Value, taint.Effect) | ||
} | ||
} | ||
|
||
return base64.StdEncoding.EncodeToString([]byte(userData)), nil | ||
return base64.StdEncoding.EncodeToString([]byte(userData)) | ||
} | ||
|
||
// getEKSOptimizedUserData returns the exact same string for equivalent input, | ||
// even if elements of those inputs are in differing orders, | ||
// guaranteeing it won't cause spurious hash differences. | ||
func (p *LaunchTemplateProvider) getEKSOptimizedUserData(ctx context.Context, constraints *v1alpha1.Constraints, instanceTypes []cloudprovider.InstanceType, additionalLabels map[string]string) (string, error) { | ||
func (p *LaunchTemplateProvider) getEKSOptimizedUserData(ctx context.Context, constraints *v1alpha1.Constraints, instanceTypes []cloudprovider.InstanceType, additionalLabels map[string]string, caBundle *string) string { | ||
var containerRuntimeArg string | ||
if !needsDocker(instanceTypes) { | ||
containerRuntimeArg = "--container-runtime containerd" | ||
|
@@ -311,10 +288,6 @@ exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 | |
injection.GetOptions(ctx).ClusterName, | ||
containerRuntimeArg, | ||
injection.GetOptions(ctx).ClusterEndpoint)) | ||
caBundle, err := p.GetCABundle(ctx) | ||
if err != nil { | ||
return "", fmt.Errorf("getting ca bundle for user data, %w", err) | ||
} | ||
if caBundle != nil { | ||
userData.WriteString(fmt.Sprintf(` \ | ||
--b64-cluster-ca '%s'`, | ||
|
@@ -339,7 +312,7 @@ exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 | |
userData.WriteString(fmt.Sprintf(` \ | ||
--dns-cluster-ip '%s'`, constraints.KubeletConfiguration.ClusterDNS[0])) | ||
} | ||
return base64.StdEncoding.EncodeToString(userData.Bytes()), nil | ||
return base64.StdEncoding.EncodeToString(userData.Bytes()) | ||
} | ||
|
||
func (p *LaunchTemplateProvider) getNodeLabelArgs(nodeLabels map[string]string) string { | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reminder to make this EKSOptimizedLinux
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can't we just support Operating system separately and keep AMIFamily the actual family? So if AMIFamily was EKSOptimized but the pod requested Windows, we'd just give them windows EKS Optimized?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This assumes a certain amount of parity between EKSOptimized. In general, I agree with you. IIRC, this was a request from @suket22.