Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: pass AWS_REGION to etcd-manager #6099

Closed
wants to merge 2 commits into from
Closed

fix: pass AWS_REGION to etcd-manager #6099

wants to merge 2 commits into from

Conversation

knight42
Copy link
Member

Fixes #6098

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Nov 19, 2018
@k8s-ci-robot
Copy link
Contributor

Hi @knight42. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Nov 19, 2018
@knight42
Copy link
Member Author

/assign @justinsb

@rdrgmnzs
Copy link
Contributor

rdrgmnzs commented Nov 19, 2018
edited
Loading

Thanks @knight42
/ok-to-test

@k8s-ci-robot k8s-ci-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. lgtm "Looks good to me", indicates that a PR is ready to be merged. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Nov 19, 2018
@rdrgmnzs
Copy link
Contributor

rdrgmnzs commented Nov 19, 2018
edited
Loading

We actually probably need a better way to pass the region to etcd-manager. The region the s3 bucket is in may not always be the region the cluster is running in.

@justinsb what do you think about setting this so that is defaults to the region the bucket is in but so that the user can overwrite the setting through the spec?

@knight42
Copy link
Member Author

ping @justinsb

Any suggestion?

justinsb
justinsb reviewed Nov 24, 2018
View reviewed changes
pkg/model/components/etcdmanager/model.go
@@ -342,6 +342,9 @@ func (b *EtcdManagerBuilder) buildPod(etcdCluster *kops.EtcdClusterSpec) (*v1.Po
awsup.TagNameRolePrefix + "master=1",
}
config.VolumeNameTag = awsup.TagNameEtcdClusterPrefix + etcdCluster.Name
container.Env = []v1.EnvVar{
{Name: "AWS_REGION", Value: os.Getenv("AWS_REGION")},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is AWS_REGION set to the state store bucket? I thought we decided it wasn't necessarily the case.

I think we need to explicitly figure out the region of the bucket, and pass that in.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@justinsb If we could infer the region of the bucket that would be best, but the path to the state store bucket is often written in S3Uri, like s3://kops-state-store, one may not figure out the region easily.

@justinsb
Copy link
Member

Thanks for the fix - I think it's the right idea. What we need to be sure of though is that the AWS_REGION we pass in is indeed the correct region, and I don't think that is necessarily the AWS_REGION that is set for kops. (I think for example you can just set the region in the aws config file, and never set AWS_REGION).

We also shouldn't really set AWS_REGION if AWS_REGION isn't set locally, and in particular not when we're on GCE :-)

@knight42
Copy link
Member Author

knight42 commented Nov 25, 2018
edited
Loading

What we need to be sure of though is that the AWS_REGION we pass in is indeed the correct region, and I don't think that is necessarily the AWS_REGION that is set for kops.

As mentioned above, the path to the state store bucket is often written in S3Uri, which means the bucket is usually in the same region of the EC2 instances, which means in most of the cases, AWS_REGION is indeed the correct region.

We also shouldn't really set AWS_REGION if AWS_REGION isn't set locally, and in particular not when we're on GCE :-)

Given the context, we could see that only if the cloud provider was AWS, we would set the AWS_REGION.

@knight42
Copy link
Member Author

knight42 commented Jan 3, 2019

@rdrgmnzs @justinsb any updates on this?

@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 18, 2019
@bksteiny
Copy link
Contributor

I am also running into this problem, and this code fixed my issue while testing the 1.12 beta. If I understand the problem correctly, the current Kops implementation of etcd-manager introduces a breaking change and can't be used if the s3 bucket for a cluster is either in AWS China or (assuming) AWS Gov, right? I can upgrade/revert my test cluster all day with Kops 1.11.x in AWS China, but not with the current implementation in Kops 1.12.

@justinsb - instead of defaulting to the region the cluster is in, are you suggesting the bucket region be explicitly defined in either the cluster spec or some other environment variable? Are you open to @rdrgmnzs's suggestion by defaulting to the same region as the cluster unless otherwise specified somewhere (assuming the cluster spec)?

It sounds like folks are open to resolving this because it is definitely a blocker, but we need to know the preferred way to address it.

@k8s-ci-robot
Copy link
Contributor

New changes are detected. LGTM label has been removed.

@k8s-ci-robot k8s-ci-robot removed lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels Apr 12, 2019
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: knight42
To fully approve this pull request, please assign additional approvers.
We suggest the following additional approver: justinsb

If they are not already assigned, you can assign the PR to them by writing /assign @justinsb in a comment when ready.

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@mikesplain mikesplain added this to the 1.14 milestone Apr 23, 2019
@bksteiny
Copy link
Contributor

bksteiny commented May 9, 2019
edited
Loading

@justinsb do you have any feedback on this? We talked about this PR during the previous 2 office hour meetings.

@mikesplain
Copy link
Contributor

Just a quick update for watchers, we did discuss this again today in office hours. Currently we're going to hold the release for this and I believe @justinsb will chime in shortly. If this requires a bunch of rework, we're going to plan to cut 1.12 and add this in a patch or 1.13, whichever comes first.

@bksteiny
Copy link
Contributor

Thanks for the update, @mikesplain!

@knight42
Copy link
Member Author

Close in favor of #6943

@knight42 knight42 closed this May 17, 2019
@knight42 knight42 deleted the fix/etcd-manager branch May 17, 2019 03:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@justinsb justinsb justinsb left review comments

@chrisz100 chrisz100 Awaiting requested review from chrisz100

@robinpercy robinpercy Awaiting requested review from robinpercy

Assignees

@justinsb justinsb

@rdrgmnzs rdrgmnzs

Labels
blocks-next cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
v1.14
Development

Successfully merging this pull request may close these issues.

protokube not specify the AWS_REGION in the manifest of etcd-manager
6 participants
@knight42 @k8s-ci-robot @rdrgmnzs @justinsb @bksteiny @mikesplain