-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
kubelet anonymousAuth not being passed to kubelet #256
Comments
Hello @rmgpinto 👋 |
See the expansion code here terraform-provider-kops/pkg/schemas/kops/Resource_KubeletConfigSpec.generated.go Lines 115 to 117 in 9fa064e
One hack to fix this to make the parameter mandatory but it's not silver bullet as null gets unsupported. |
I think a solution would be to make the argument a struct, something like this: kubelet{
anonymous_auth {
value = true
}
} |
If it fixes the problem, that would be great!
…On Sat, 3 Jul 2021 at 15:31 eddycharly ***@***.***> wrote:
I think a solution would be to make the argument a struct, something like
this:
kubelet{
anonymous_auth {
value = true
}
}
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#256 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAGACDLJ7MY7ATBYUYXOR3TV4NNNANCNFSM47XE3YQA>
.
|
There are two possible solutions, the one above or: kubelet{
anonymous_auth = false
anonymous_auth_specified = true
} I'm not a big fan of adding a |
Not a big fan either, and it would cause confusion.
…On Sat, Jul 3, 2021 at 3:43 PM eddycharly ***@***.***> wrote:
There are two possible solutions, the one above or:
kubelet{
anonymous_auth = false
anonymous_auth_specified = true
}
I'm not a big fan of adding a _specified argument for every prop that is
a pointer in kOps.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#256 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAGACG64XM736BSXHKBK6LTV4OZVANCNFSM47XE3YQA>
.
|
I agree, I'm making this change, i had this in mind for some time. |
Thank you very much!
…On Sat, 3 Jul 2021 at 15:48 eddycharly ***@***.***> wrote:
I agree, I'm making this change, i had this in mind for some time.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#256 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAGACAWSVDG6TLIRACWJGLTV4PLLANCNFSM47XE3YQA>
.
|
WIP here #258 |
Hi, just my two cents regarding the PR and the code above. I thought only kubelet -> anonymous_auth was going to be this way, but I saw the PR and every value will change. IMO this is not a very terraform way of specifying values, and it's a significant drift from standards. I'd simplify things and set a sensible default for Just my opinion of course. |
The issue happens with every prop that is a pointer in kOps code, not only kubelet For some props, setting a sensible default value will do the trick but in some cases where Going through all props and finding a sensible value is gonna be a pain and I feel like a lot of bugs are introduced because of this.
I agree but i find the syntax not that hard to understand and it would fix the issue once for all (leaving complete freedom to the end user). This is a bit of a pain that terraform has no solution for this (see hashicorp/terraform-plugin-sdk#261). What do you think ? What are the drawbacks you see in applying it to all pointer props ? |
does this: https://stackoverflow.com/questions/43351216/check-if-boolean-value-is-set-in-go help? I understand the issue with
Which are odd to me... Why do string values need to be changed as well? |
I wonder why it is a pointer in kOps in the first place (https://github.com/kubernetes/kops/blob/559b57ea4c85931987da2bb1de85f7d9cd81f880/pkg/apis/kops/cluster.go#L586) TBH it's probably safe to interpret I feel not comfortable making choices in the back of kOps, I feel a lot more comfortable with the approach if kOps expects a pointer let's give it a pointer this way i can almost be sure that i don't introduce unexpected behavior as kOps configuration can sometimes be tricky. |
But i agree it could be nuanced for some props. |
Amazing @eddycharly, looking forward to a new release! |
Ok, let's merge the pr and see how things go 🤞 |
Thanks for your great feedback, let me know if it fixes your issue. |
Thanks! I'll test today or the latest tomorrow.
…On Mon, Jul 5, 2021 at 5:04 PM eddycharly ***@***.***> wrote:
v1.20.0-alpha.6 is being built.
Thanks for your great feedback, let me know if it fixes your issue.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#256 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAGACDOKS5HA3CQNXV5ZZ3TWHJYNANCNFSM47XE3YQA>
.
|
Just tested this, looks good to me. Thanks for the quick response. |
kubelet and kube-api-server are not receiving the
anonymous_auth
parameter from terraform.config:
kubelet cmdline on node
There should be an
--anonymous-auth=false
Can you check this please? Thanks
edit: just check now, and if I pass
yes
then the flag--anonymous-auth=true
is added to kubelet and to kube-api-server. Maybe something wrong with the code processing the false values?The text was updated successfully, but these errors were encountered: