Skip to content

Commit

Permalink
Merge pull request #3639 from chrislovecnm/new-phases
Browse files Browse the repository at this point in the history 
Automatic merge from submit-queue.

Renaming IAM Phase to Security

Adding new phases for security group and load balancers lifecycles.  PRs that follow will wire this in
  • Loading branch information
Kubernetes Submit Queue authored Oct 27, 2017
2 parents f3454f9 + ceafc68 commit 03e6047
Show file tree
Hide file tree
Showing 6 changed files with 33 additions and 29 deletions.
11 changes: 2 additions & 9 deletions cmd/kops/integration_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -141,7 +141,7 @@ func TestPhaseNetwork(t *testing.T) {

// TestPhaseIAM tests the output of tf for the iam phase
func TestPhaseIAM(t *testing.T) {
runTestPhase(t, "privateweave.example.com", "lifecycle_phases", "v1alpha2", true, 1, cloudup.PhaseIAM)
runTestPhase(t, "privateweave.example.com", "lifecycle_phases", "v1alpha2", true, 1, cloudup.PhaseSecurity)
}

// TestPhaseCluster tests the output of tf for the cluster phase
Expand All @@ -151,13 +151,6 @@ func TestPhaseCluster(t *testing.T) {
runTestPhase(t, "privateweave.example.com", "lifecycle_phases", "v1alpha2", true, 1, cloudup.PhaseCluster)
}

// TestPhaseCluster tests the output of tf for the security group phase
func TestPhaseSecurityGroup(t *testing.T) {
t.Skip("unable to test until phase is created")
// TODO fix tf for phase, and allow override on validation
// runTestPhase(t, "privateweave.example.com", "lifecycle_phases", "v1alpha2", true, 1, cloudup.SecurityGroups)
}

// TestPhaseCluster tests the output of tf for the loadbalancer phase
func TestPhaseLoadBalancers(t *testing.T) {
t.Skip("unable to test until phase is created")
Expand Down Expand Up @@ -333,7 +326,7 @@ func runTestPhase(t *testing.T, clusterName string, srcDir string, version strin

expectedFilenames := []string{}

if phase == cloudup.PhaseIAM {
if phase == cloudup.PhaseSecurity {
expectedFilenames = []string{
"aws_iam_role_masters." + clusterName + "_policy",
"aws_iam_role_nodes." + clusterName + "_policy",
Expand Down
6 changes: 3 additions & 3 deletions cmd/kops/update_cluster.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ func NewCmdUpdateCluster(f *util.Factory, out io.Writer) *cobra.Command {
cmd.Flags().StringVar(&options.SSHPublicKey, "ssh-public-key", options.SSHPublicKey, "SSH public key to use (deprecated: use kops create secret instead)")
cmd.Flags().StringVar(&options.OutDir, "out", options.OutDir, "Path to write any local output")
cmd.Flags().BoolVar(&options.CreateKubecfg, "create-kube-config", options.CreateKubecfg, "Will control automatically creating the kube config file on your local filesystem")
cmd.Flags().StringVar(&options.Phase, "phase", options.Phase, "Subset of tasks to run: "+strings.Join(cloudup.Phases.List(), ","))
cmd.Flags().StringVar(&options.Phase, "phase", options.Phase, "Subset of tasks to run: "+strings.Join(cloudup.Phases.List(), ", "))
return cmd
}

Expand Down Expand Up @@ -179,10 +179,10 @@ func RunUpdateCluster(f *util.Factory, clusterName string, out io.Writer, c *Upd
switch strings.ToLower(c.Phase) {
case string(cloudup.PhaseStageAssets):
phase = cloudup.PhaseStageAssets
case string(cloudup.PhaseIAM):
phase = cloudup.PhaseIAM
case string(cloudup.PhaseNetwork):
phase = cloudup.PhaseNetwork
case string(cloudup.PhaseSecurity), "iam": // keeping IAM for backwards compatibility
phase = cloudup.PhaseSecurity
case string(cloudup.PhaseCluster):
phase = cloudup.PhaseCluster
default:
Expand Down
2 changes: 1 addition & 1 deletion docs/cli/kops_update_cluster.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ kops update cluster
--create-kube-config Will control automatically creating the kube config file on your local filesystem (default true)
--model string Models to apply (separate multiple models with commas) (default "config,proto,cloudup")
--out string Path to write any local output
--phase string Subset of tasks to run: assets,cluster,iam,network
--phase string Subset of tasks to run: assets, cluster, network, security
--ssh-public-key string SSH public key to use (deprecated: use kops create secret instead)
--target string Target - direct, terraform, cloudformation (default "direct")
--yes Actually create cloud resources
Expand Down
0 ...luster/lifecycle_phases/iam-kubernetes.tf → ...r/lifecycle_phases/security-kubernetes.tf
View file
File renamed without changes.
24 changes: 12 additions & 12 deletions upup/pkg/fi/cloudup/apply_cluster.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -466,40 +466,40 @@ func (c *ApplyClusterCmd) Run() error {
l.WorkDir = c.OutDir
l.ModelStore = modelStore

iamLifecycle := lifecyclePointer(fi.LifecycleSync)
stageAssetsLifecycle := lifecyclePointer(fi.LifecycleSync)
securityLifecycle := lifecyclePointer(fi.LifecycleSync)
networkLifecycle := lifecyclePointer(fi.LifecycleSync)
clusterLifecycle := lifecyclePointer(fi.LifecycleSync)
stageAssetsLifecycle := lifecyclePointer(fi.LifecycleSync)

switch c.Phase {
case Phase(""):
// Everything ... the default
case PhaseStageAssets:
stageAssetsLifecycle = lifecyclePointer(fi.LifecycleSync)
iamLifecycle = lifecyclePointer(fi.LifecycleIgnore)
networkLifecycle = lifecyclePointer(fi.LifecycleIgnore)
securityLifecycle = lifecyclePointer(fi.LifecycleIgnore)
clusterLifecycle = lifecyclePointer(fi.LifecycleIgnore)

case PhaseIAM:
case PhaseNetwork:
stageAssetsLifecycle = lifecyclePointer(fi.LifecycleIgnore)
networkLifecycle = lifecyclePointer(fi.LifecycleIgnore)
securityLifecycle = lifecyclePointer(fi.LifecycleIgnore)
clusterLifecycle = lifecyclePointer(fi.LifecycleIgnore)

case PhaseNetwork:
case PhaseSecurity:
stageAssetsLifecycle = lifecyclePointer(fi.LifecycleIgnore)
iamLifecycle = lifecyclePointer(fi.LifecycleIgnore)
networkLifecycle = lifecyclePointer(fi.LifecycleIgnore)
clusterLifecycle = lifecyclePointer(fi.LifecycleIgnore)

case PhaseCluster:
if c.TargetName == TargetDryRun {
stageAssetsLifecycle = lifecyclePointer(fi.LifecycleExistsAndWarnIfChanges)
iamLifecycle = lifecyclePointer(fi.LifecycleExistsAndWarnIfChanges)
securityLifecycle = lifecyclePointer(fi.LifecycleExistsAndWarnIfChanges)
networkLifecycle = lifecyclePointer(fi.LifecycleExistsAndWarnIfChanges)
} else {
stageAssetsLifecycle = lifecyclePointer(fi.LifecycleIgnore)
iamLifecycle = lifecyclePointer(fi.LifecycleExistsAndValidates)
networkLifecycle = lifecyclePointer(fi.LifecycleExistsAndValidates)
securityLifecycle = lifecyclePointer(fi.LifecycleExistsAndValidates)
}

default:
return fmt.Errorf("unknown phase %q", c.Phase)
}
Expand Down Expand Up @@ -540,15 +540,15 @@ func (c *ApplyClusterCmd) Run() error {
&model.DNSModelBuilder{KopsModelContext: modelContext, Lifecycle: networkLifecycle},
&model.ExternalAccessModelBuilder{KopsModelContext: modelContext, Lifecycle: clusterLifecycle},
&model.FirewallModelBuilder{KopsModelContext: modelContext, Lifecycle: clusterLifecycle},
&model.SSHKeyModelBuilder{KopsModelContext: modelContext, Lifecycle: iamLifecycle},
&model.SSHKeyModelBuilder{KopsModelContext: modelContext, Lifecycle: securityLifecycle},
)

l.Builders = append(l.Builders,
&model.NetworkModelBuilder{KopsModelContext: modelContext, Lifecycle: networkLifecycle},
)

l.Builders = append(l.Builders,
&model.IAMModelBuilder{KopsModelContext: modelContext, Lifecycle: iamLifecycle},
&model.IAMModelBuilder{KopsModelContext: modelContext, Lifecycle: securityLifecycle},
)
case kops.CloudProviderDO:
l.Builders = append(l.Builders,
Expand Down
19 changes: 15 additions & 4 deletions upup/pkg/fi/cloudup/phase.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,13 +18,24 @@ package cloudup

import "k8s.io/apimachinery/pkg/util/sets"

// Phase is a portion of work that kops completes.
type Phase string

const (
PhaseIAM Phase = "iam"
PhaseNetwork Phase = "network"
PhaseCluster Phase = "cluster"
// PhaseStageAssets uploads various assets such as containers in a private registry
PhaseStageAssets Phase = "assets"
// PhaseNetwork creates network infrastructure.
PhaseNetwork Phase = "network"
// PhaseIAM creates IAM profiles and roles, security groups and firewalls
PhaseSecurity Phase = "security"
// PhaseCluster creates the servers, and load-alancers
PhaseCluster Phase = "cluster"
)

var Phases = sets.NewString(string(PhaseIAM), string(PhaseNetwork), string(PhaseCluster), string(PhaseStageAssets))
// Phases are used for validation and cli help.
var Phases = sets.NewString(
string(PhaseStageAssets),
string(PhaseSecurity),
string(PhaseNetwork),
string(PhaseCluster),
)

0 comments on commit 03e6047

Please sign in to comment.