Merge pull request #4867 from deitch/cherry-support-ssh-keys

Cherry support ssh keys
kubernetes · May 9, 2022 · cff6cde · cff6cde
2 parents 9bca83a + cd35689
commit cff6cde
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 12 deletions.
diff --git a/cluster-autoscaler/cloudprovider/cherryservers/cherry_manager_rest.go b/cluster-autoscaler/cloudprovider/cherryservers/cherry_manager_rest.go
@@ -71,6 +71,7 @@ type cherryManagerNodePool struct {
 	os                string
 	cloudinit         string
 	hostnamePattern   string
+	sshKeyIDs         []int
 	waitTimeStep      time.Duration
 }
 
@@ -84,14 +85,20 @@ type cherryManagerRest struct {
 
 // ConfigNodepool options only include the project-id for now
 type ConfigNodepool struct {
-	ClusterName       string `gcfg:"cluster-name"`
-	ProjectID         int    `gcfg:"project-id"`
-	APIServerEndpoint string `gcfg:"api-server-endpoint"`
-	Region            string `gcfg:"region"`
-	Plan              string `gcfg:"plan"`
-	OS                string `gcfg:"os"`
-	CloudInit         string `gcfg:"cloudinit"`
-	HostnamePattern   string `gcfg:"hostname-pattern"`
+	ClusterName       string   `gcfg:"cluster-name"`
+	ProjectID         int      `gcfg:"project-id"`
+	APIServerEndpoint string   `gcfg:"api-server-endpoint"`
+	Region            string   `gcfg:"region"`
+	Plan              string   `gcfg:"plan"`
+	OS                string   `gcfg:"os"`
+	SSHKeys           []string `gcfg:"ssh-key-ids"`
+	CloudInit         string   `gcfg:"cloudinit"`
+	HostnamePattern   string   `gcfg:"hostname-pattern"`
+}
+
+// IsEmpty determine if this is an empty config
+func (c ConfigNodepool) IsEmpty() bool {
+	return c.ClusterName == "" && c.CloudInit == "" && c.Region == "" && c.Plan == "" && c.ProjectID == 0
 }
 
 // ConfigFile is used to read and store information from the cloud configuration file
@@ -179,7 +186,7 @@ func createCherryManagerRest(configReader io.Reader, discoverOpts cloudprovider.
 		cfg.Nodegroupdef["default"] = &cfg.DefaultNodegroupdef
 	}
 
-	if *cfg.Nodegroupdef["default"] == (ConfigNodepool{}) {
+	if cfg.Nodegroupdef["default"].IsEmpty() {
 		klog.Fatalf("No \"default\" or [Global] nodepool definition was found")
 	}
 
@@ -210,6 +217,14 @@ func createCherryManagerRest(configReader io.Reader, discoverOpts cloudprovider.
 		if err != nil {
 			return nil, fmt.Errorf("invalid plan %s for nodepool %s, must be integer: %v", nodepool.Plan, key, err)
 		}
+		var sshKeyIDs []int
+		for i, keyIDString := range nodepool.SSHKeys {
+			keyID, err := strconv.ParseInt(keyIDString, 10, 32)
+			if err != nil {
+				return nil, fmt.Errorf("invalid ssh-key ID at position %d: %s; it must be an integer", i, keyIDString)
+			}
+			sshKeyIDs = append(sshKeyIDs, int(keyID))
+		}
 		manager.nodePools[key] = &cherryManagerNodePool{
 			projectID:         projectID,
 			apiServerEndpoint: apiServerEndpoint,
@@ -218,6 +233,7 @@ func createCherryManagerRest(configReader io.Reader, discoverOpts cloudprovider.
 			plan:              int(plan),
 			os:                nodepool.OS,
 			cloudinit:         nodepool.CloudInit,
+			sshKeyIDs:         sshKeyIDs,
 			hostnamePattern:   nodepool.HostnamePattern,
 		}
 	}
@@ -410,14 +426,14 @@ func (mgr *cherryManagerRest) createNode(ctx context.Context, cloudinit, nodegro
 	if err != nil {
 		return fmt.Errorf("failed to create hostname from template: %w", err)
 	}
-
 	cr := &CreateServer{
 		Hostname:  hn,
 		Region:    mgr.getNodePoolDefinition(nodegroup).region,
 		PlanID:    mgr.getNodePoolDefinition(nodegroup).plan,
 		Image:     mgr.getNodePoolDefinition(nodegroup).os,
 		ProjectID: mgr.getNodePoolDefinition(nodegroup).projectID,
 		UserData:  base64.StdEncoding.EncodeToString([]byte(ud)),
+		SSHKeys:   mgr.getNodePoolDefinition(nodegroup).sshKeyIDs,
 		Tags:      &map[string]string{"k8s-cluster": mgr.getNodePoolDefinition(nodegroup).clusterName, "k8s-nodepool": nodegroup},
 	}
 

diff --git a/cluster-autoscaler/cloudprovider/cherryservers/examples/cluster-autoscaler-secret.yaml b/cluster-autoscaler/cloudprovider/cherryservers/examples/cluster-autoscaler-secret.yaml
@@ -26,7 +26,7 @@ stringData:
     region=EU-Nord-1
     os=ubuntu_18_04
     plan=113
-    cloudinit=IyEvYmluL2Jhc2gKZXhwb3J0IERFQklBTl9GUk9OVEVORD1ub25pbnRlcmFjdGl2ZQpleHBvcnQgSzhTX1ZFUlNJT049MS4yMy4xCmFwdC1nZXQgdXBkYXRlICYmIGFwdC1nZXQgaW5zdGFsbCAteSBhcHQtdHJhbnNwb3J0LWh0dHBzIGNhLWNlcnRpZmljYXRlcyBjdXJsIHNvZnR3YXJlLXByb3BlcnRpZXMtY29tbW9uCmN1cmwgLWZzU0wgaHR0cHM6Ly9kb3dubG9hZC5kb2NrZXIuY29tL2xpbnV4L3VidW50dS9ncGcgfCBhcHQta2V5IGFkZCAtCmN1cmwgLXMgaHR0cHM6Ly9wYWNrYWdlcy5jbG91ZC5nb29nbGUuY29tL2FwdC9kb2MvYXB0LWtleS5ncGcgfCBhcHQta2V5IGFkZCAtCmNhdCA8PEVPRiA+L2V0Yy9hcHQvc291cmNlcy5saXN0LmQva3ViZXJuZXRlcy5saXN0CmRlYiBodHRwczovL2FwdC5rdWJlcm5ldGVzLmlvLyBrdWJlcm5ldGVzLXhlbmlhbCBtYWluCkVPRgphZGQtYXB0LXJlcG9zaXRvcnkgICAiZGViIFthcmNoPWFtZDY0XSBodHRwczovL2Rvd25sb2FkLmRvY2tlci5jb20vbGludXgvdWJ1bnR1ICAgJChsc2JfcmVsZWFzZSAtY3MpICAgc3RhYmxlIgphcHQtZ2V0IHVwZGF0ZQphcHQtZ2V0IHVwZ3JhZGUgLXkKYXB0LWdldCBpbnN0YWxsIC15IGt1YmVsZXQ9JHtLOHNfVkVSU0lPTn0tMDAga3ViZWFkbT0ke0s4c19WRVJTSU9OfS0wMCBrdWJlY3RsPSR7SzhzX1ZFUlNJT059LTAwCmFwdC1tYXJrIGhvbGQga3ViZWxldCBrdWJlYWRtIGt1YmVjdGwKY3VybCAtZnNTTCBodHRwczovL2Rvd25sb2FkLmRvY2tlci5jb20vbGludXgvdWJ1bnR1L2dwZyB8IGFwdC1rZXkgYWRkIC0KYWRkLWFwdC1yZXBvc2l0b3J5ICJkZWIgW2FyY2g9YW1kNjRdIGh0dHBzOi8vZG93bmxvYWQuZG9ja2VyLmNvbS9saW51eC91YnVudHUgYmlvbmljIHN0YWJsZSIKYXB0IHVwZGF0ZQphcHQgaW5zdGFsbCAteSBkb2NrZXItY2U9MTguMDYuMn5jZX4zLTB+dWJ1bnR1CmNhdCA+IC9ldGMvZG9ja2VyL2RhZW1vbi5qc29uIDw8RU9GCnsKICAiZXhlYy1vcHRzIjogWyJuYXRpdmUuY2dyb3VwZHJpdmVyPXN5c3RlbWQiXSwKICAibG9nLWRyaXZlciI6ICJqc29uLWZpbGUiLAogICJsb2ctb3B0cyI6IHsKICAgICJtYXgtc2l6ZSI6ICIxMDBtIgogIH0sCiAgInN0b3JhZ2UtZHJpdmVyIjogIm92ZXJsYXkyIgp9CkVPRgpta2RpciAtcCAvZXRjL3N5c3RlbWQvc3lzdGVtL2RvY2tlci5zZXJ2aWNlLmQKc3lzdGVtY3RsIGRhZW1vbi1yZWxvYWQKc3lzdGVtY3RsIHJlc3RhcnQgZG9ja2VyCnN3YXBvZmYgLWEKbXYgL2V0Yy9mc3RhYiAvZXRjL2ZzdGFiLm9sZCAmJiBncmVwIC12IHN3YXAgL2V0Yy9mc3RhYi5vbGQgPiAvZXRjL2ZzdGFiCmNhdCA8PEVPRiB8IHRlZSAvZXRjL2RlZmF1bHQva3ViZWxldApLVUJFTEVUX0VYVFJBX0FSR1M9LS1jbG91ZC1wcm92aWRlcj1leHRlcm5hbApFT0YKa3ViZWFkbSBqb2luIC0tZGlzY292ZXJ5LXRva2VuLXVuc2FmZS1za2lwLWNhLXZlcmlmaWNhdGlvbiAtLXRva2VuIHt7LkJvb3RzdHJhcFRva2VuSUR9fS57ey5Cb290c3RyYXBUb2tlblNlY3JldH19IHt7LkFQSVNlcnZlckVuZHBvaW50fX0K
+    cloudinit=IyEvYmluL2Jhc2gKc2V0IC14CmV4cG9ydCBERUJJQU5fRlJPTlRFTkQ9bm9uaW50ZXJhY3RpdmUKZXhwb3J0IEs4U19WRVJTSU9OPTEuMjMuMQphcHQtZ2V0IHVwZGF0ZSAmJiBhcHQtZ2V0IGluc3RhbGwgLXkgYXB0LXRyYW5zcG9ydC1odHRwcyBjYS1jZXJ0aWZpY2F0ZXMgY3VybCBzb2Z0d2FyZS1wcm9wZXJ0aWVzLWNvbW1vbgpjdXJsIC1mc1NMIGh0dHBzOi8vZG93bmxvYWQuZG9ja2VyLmNvbS9saW51eC91YnVudHUvZ3BnIHwgYXB0LWtleSBhZGQgLQpjdXJsIC1zIGh0dHBzOi8vcGFja2FnZXMuY2xvdWQuZ29vZ2xlLmNvbS9hcHQvZG9jL2FwdC1rZXkuZ3BnIHwgYXB0LWtleSBhZGQgLQpjYXQgPDxFT0YgPi9ldGMvYXB0L3NvdXJjZXMubGlzdC5kL2t1YmVybmV0ZXMubGlzdApkZWIgaHR0cHM6Ly9hcHQua3ViZXJuZXRlcy5pby8ga3ViZXJuZXRlcy14ZW5pYWwgbWFpbgpFT0YKYWRkLWFwdC1yZXBvc2l0b3J5ICAgImRlYiBbYXJjaD1hbWQ2NF0gaHR0cHM6Ly9kb3dubG9hZC5kb2NrZXIuY29tL2xpbnV4L3VidW50dSAgICQobHNiX3JlbGVhc2UgLWNzKSAgIHN0YWJsZSIKYXB0LWdldCB1cGRhdGUKYXB0LWdldCB1cGdyYWRlIC15CmFwdC1nZXQgaW5zdGFsbCAteSBrdWJlbGV0PSR7SzhTX1ZFUlNJT059LTAwIGt1YmVhZG09JHtLOFNfVkVSU0lPTn0tMDAga3ViZWN0bD0ke0s4U19WRVJTSU9OfS0wMAphcHQtbWFyayBob2xkIGt1YmVsZXQga3ViZWFkbSBrdWJlY3RsCmN1cmwgLWZzU0wgaHR0cHM6Ly9kb3dubG9hZC5kb2NrZXIuY29tL2xpbnV4L3VidW50dS9ncGcgfCBhcHQta2V5IGFkZCAtCmFkZC1hcHQtcmVwb3NpdG9yeSAiZGViIFthcmNoPWFtZDY0XSBodHRwczovL2Rvd25sb2FkLmRvY2tlci5jb20vbGludXgvdWJ1bnR1IGJpb25pYyBzdGFibGUiCmFwdCB1cGRhdGUKYXB0IGluc3RhbGwgLXkgZG9ja2VyLWNlPTE4LjA2LjJ+Y2V+My0wfnVidW50dQpjYXQgPiAvZXRjL2RvY2tlci9kYWVtb24uanNvbiA8PEVPRgp7CiAgImV4ZWMtb3B0cyI6IFsibmF0aXZlLmNncm91cGRyaXZlcj1zeXN0ZW1kIl0sCiAgImxvZy1kcml2ZXIiOiAianNvbi1maWxlIiwKICAibG9nLW9wdHMiOiB7CiAgICAibWF4LXNpemUiOiAiMTAwbSIKICB9LAogICJzdG9yYWdlLWRyaXZlciI6ICJvdmVybGF5MiIKfQpFT0YKbWtkaXIgLXAgL2V0Yy9zeXN0ZW1kL3N5c3RlbS9kb2NrZXIuc2VydmljZS5kCnN5c3RlbWN0bCBkYWVtb24tcmVsb2FkCnN5c3RlbWN0bCByZXN0YXJ0IGRvY2tlcgpzd2Fwb2ZmIC1hCm12IC9ldGMvZnN0YWIgL2V0Yy9mc3RhYi5vbGQgJiYgZ3JlcCAtdiBzd2FwIC9ldGMvZnN0YWIub2xkID4gL2V0Yy9mc3RhYgpjYXQgPDxFT0YgfCB0ZWUgL2V0Yy9kZWZhdWx0L2t1YmVsZXQKS1VCRUxFVF9FWFRSQV9BUkdTPS0tY2xvdWQtcHJvdmlkZXI9ZXh0ZXJuYWwKRU9GCmt1YmVhZG0gam9pbiAtLWRpc2NvdmVyeS10b2tlbi11bnNhZmUtc2tpcC1jYS12ZXJpZmljYXRpb24gLS10b2tlbiBuZjhhdGYua3dmczF0MTVwam1oazduNCA5My4xMTUuMjkuNDQ6ODQ0Mwo=
     hostname-pattern=k8s-{{.ClusterName}}-{{.NodeGroup}}-{{.RandString8}}
 
     [nodegroupdef "pool2"]
@@ -35,7 +35,7 @@ stringData:
     region=EU-Nord-1
     os=ubuntu_18_04
     plan=113
-    cloudinit=IyEvYmluL2Jhc2gKZXhwb3J0IERFQklBTl9GUk9OVEVORD1ub25pbnRlcmFjdGl2ZQpleHBvcnQgSzhTX1ZFUlNJT049MS4yMy4xCmFwdC1nZXQgdXBkYXRlICYmIGFwdC1nZXQgaW5zdGFsbCAteSBhcHQtdHJhbnNwb3J0LWh0dHBzIGNhLWNlcnRpZmljYXRlcyBjdXJsIHNvZnR3YXJlLXByb3BlcnRpZXMtY29tbW9uCmN1cmwgLWZzU0wgaHR0cHM6Ly9kb3dubG9hZC5kb2NrZXIuY29tL2xpbnV4L3VidW50dS9ncGcgfCBhcHQta2V5IGFkZCAtCmN1cmwgLXMgaHR0cHM6Ly9wYWNrYWdlcy5jbG91ZC5nb29nbGUuY29tL2FwdC9kb2MvYXB0LWtleS5ncGcgfCBhcHQta2V5IGFkZCAtCmNhdCA8PEVPRiA+L2V0Yy9hcHQvc291cmNlcy5saXN0LmQva3ViZXJuZXRlcy5saXN0CmRlYiBodHRwczovL2FwdC5rdWJlcm5ldGVzLmlvLyBrdWJlcm5ldGVzLXhlbmlhbCBtYWluCkVPRgphZGQtYXB0LXJlcG9zaXRvcnkgICAiZGViIFthcmNoPWFtZDY0XSBodHRwczovL2Rvd25sb2FkLmRvY2tlci5jb20vbGludXgvdWJ1bnR1ICAgJChsc2JfcmVsZWFzZSAtY3MpICAgc3RhYmxlIgphcHQtZ2V0IHVwZGF0ZQphcHQtZ2V0IHVwZ3JhZGUgLXkKYXB0LWdldCBpbnN0YWxsIC15IGt1YmVsZXQ9JHtLOHNfVkVSU0lPTn0tMDAga3ViZWFkbT0ke0s4c19WRVJTSU9OfS0wMCBrdWJlY3RsPSR7SzhzX1ZFUlNJT059LTAwCmFwdC1tYXJrIGhvbGQga3ViZWxldCBrdWJlYWRtIGt1YmVjdGwKY3VybCAtZnNTTCBodHRwczovL2Rvd25sb2FkLmRvY2tlci5jb20vbGludXgvdWJ1bnR1L2dwZyB8IGFwdC1rZXkgYWRkIC0KYWRkLWFwdC1yZXBvc2l0b3J5ICJkZWIgW2FyY2g9YW1kNjRdIGh0dHBzOi8vZG93bmxvYWQuZG9ja2VyLmNvbS9saW51eC91YnVudHUgYmlvbmljIHN0YWJsZSIKYXB0IHVwZGF0ZQphcHQgaW5zdGFsbCAteSBkb2NrZXItY2U9MTguMDYuMn5jZX4zLTB+dWJ1bnR1CmNhdCA+IC9ldGMvZG9ja2VyL2RhZW1vbi5qc29uIDw8RU9GCnsKICAiZXhlYy1vcHRzIjogWyJuYXRpdmUuY2dyb3VwZHJpdmVyPXN5c3RlbWQiXSwKICAibG9nLWRyaXZlciI6ICJqc29uLWZpbGUiLAogICJsb2ctb3B0cyI6IHsKICAgICJtYXgtc2l6ZSI6ICIxMDBtIgogIH0sCiAgInN0b3JhZ2UtZHJpdmVyIjogIm92ZXJsYXkyIgp9CkVPRgpta2RpciAtcCAvZXRjL3N5c3RlbWQvc3lzdGVtL2RvY2tlci5zZXJ2aWNlLmQKc3lzdGVtY3RsIGRhZW1vbi1yZWxvYWQKc3lzdGVtY3RsIHJlc3RhcnQgZG9ja2VyCnN3YXBvZmYgLWEKbXYgL2V0Yy9mc3RhYiAvZXRjL2ZzdGFiLm9sZCAmJiBncmVwIC12IHN3YXAgL2V0Yy9mc3RhYi5vbGQgPiAvZXRjL2ZzdGFiCmNhdCA8PEVPRiB8IHRlZSAvZXRjL2RlZmF1bHQva3ViZWxldApLVUJFTEVUX0VYVFJBX0FSR1M9LS1jbG91ZC1wcm92aWRlcj1leHRlcm5hbApFT0YKa3ViZWFkbSBqb2luIC0tZGlzY292ZXJ5LXRva2VuLXVuc2FmZS1za2lwLWNhLXZlcmlmaWNhdGlvbiAtLXRva2VuIHt7LkJvb3RzdHJhcFRva2VuSUR9fS57ey5Cb290c3RyYXBUb2tlblNlY3JldH19IHt7LkFQSVNlcnZlckVuZHBvaW50fX0K
+    cloudinit=IyEvYmluL2Jhc2gKc2V0IC14CmV4cG9ydCBERUJJQU5fRlJPTlRFTkQ9bm9uaW50ZXJhY3RpdmUKZXhwb3J0IEs4U19WRVJTSU9OPTEuMjMuMQphcHQtZ2V0IHVwZGF0ZSAmJiBhcHQtZ2V0IGluc3RhbGwgLXkgYXB0LXRyYW5zcG9ydC1odHRwcyBjYS1jZXJ0aWZpY2F0ZXMgY3VybCBzb2Z0d2FyZS1wcm9wZXJ0aWVzLWNvbW1vbgpjdXJsIC1mc1NMIGh0dHBzOi8vZG93bmxvYWQuZG9ja2VyLmNvbS9saW51eC91YnVudHUvZ3BnIHwgYXB0LWtleSBhZGQgLQpjdXJsIC1zIGh0dHBzOi8vcGFja2FnZXMuY2xvdWQuZ29vZ2xlLmNvbS9hcHQvZG9jL2FwdC1rZXkuZ3BnIHwgYXB0LWtleSBhZGQgLQpjYXQgPDxFT0YgPi9ldGMvYXB0L3NvdXJjZXMubGlzdC5kL2t1YmVybmV0ZXMubGlzdApkZWIgaHR0cHM6Ly9hcHQua3ViZXJuZXRlcy5pby8ga3ViZXJuZXRlcy14ZW5pYWwgbWFpbgpFT0YKYWRkLWFwdC1yZXBvc2l0b3J5ICAgImRlYiBbYXJjaD1hbWQ2NF0gaHR0cHM6Ly9kb3dubG9hZC5kb2NrZXIuY29tL2xpbnV4L3VidW50dSAgICQobHNiX3JlbGVhc2UgLWNzKSAgIHN0YWJsZSIKYXB0LWdldCB1cGRhdGUKYXB0LWdldCB1cGdyYWRlIC15CmFwdC1nZXQgaW5zdGFsbCAteSBrdWJlbGV0PSR7SzhTX1ZFUlNJT059LTAwIGt1YmVhZG09JHtLOFNfVkVSU0lPTn0tMDAga3ViZWN0bD0ke0s4U19WRVJTSU9OfS0wMAphcHQtbWFyayBob2xkIGt1YmVsZXQga3ViZWFkbSBrdWJlY3RsCmN1cmwgLWZzU0wgaHR0cHM6Ly9kb3dubG9hZC5kb2NrZXIuY29tL2xpbnV4L3VidW50dS9ncGcgfCBhcHQta2V5IGFkZCAtCmFkZC1hcHQtcmVwb3NpdG9yeSAiZGViIFthcmNoPWFtZDY0XSBodHRwczovL2Rvd25sb2FkLmRvY2tlci5jb20vbGludXgvdWJ1bnR1IGJpb25pYyBzdGFibGUiCmFwdCB1cGRhdGUKYXB0IGluc3RhbGwgLXkgZG9ja2VyLWNlPTE4LjA2LjJ+Y2V+My0wfnVidW50dQpjYXQgPiAvZXRjL2RvY2tlci9kYWVtb24uanNvbiA8PEVPRgp7CiAgImV4ZWMtb3B0cyI6IFsibmF0aXZlLmNncm91cGRyaXZlcj1zeXN0ZW1kIl0sCiAgImxvZy1kcml2ZXIiOiAianNvbi1maWxlIiwKICAibG9nLW9wdHMiOiB7CiAgICAibWF4LXNpemUiOiAiMTAwbSIKICB9LAogICJzdG9yYWdlLWRyaXZlciI6ICJvdmVybGF5MiIKfQpFT0YKbWtkaXIgLXAgL2V0Yy9zeXN0ZW1kL3N5c3RlbS9kb2NrZXIuc2VydmljZS5kCnN5c3RlbWN0bCBkYWVtb24tcmVsb2FkCnN5c3RlbWN0bCByZXN0YXJ0IGRvY2tlcgpzd2Fwb2ZmIC1hCm12IC9ldGMvZnN0YWIgL2V0Yy9mc3RhYi5vbGQgJiYgZ3JlcCAtdiBzd2FwIC9ldGMvZnN0YWIub2xkID4gL2V0Yy9mc3RhYgpjYXQgPDxFT0YgfCB0ZWUgL2V0Yy9kZWZhdWx0L2t1YmVsZXQKS1VCRUxFVF9FWFRSQV9BUkdTPS0tY2xvdWQtcHJvdmlkZXI9ZXh0ZXJuYWwKRU9GCmt1YmVhZG0gam9pbiAtLWRpc2NvdmVyeS10b2tlbi11bnNhZmUtc2tpcC1jYS12ZXJpZmljYXRpb24gLS10b2tlbiBuZjhhdGYua3dmczF0MTVwam1oazduNCA5My4xMTUuMjkuNDQ6ODQ0Mwo=
     hostname-pattern=k8s-{{.ClusterName}}-{{.NodeGroup}}-{{.RandString8}}
 ---
 # The following secret is only required when using bootstrap tokens in cloudinit