Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: move AMIs from instances to nodegroups #74

Merged
merged 2 commits into from
Apr 8, 2023
Merged

chore: move AMIs from instances to nodegroups #74

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
29493f5
move AMIs from instances to nodegroups
kbeniwal Apr 7, 2023
72728a0
AmazonMachineImage should not be an array
kbeniwal Apr 7, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions api/v1alpha1/awsadapterconfig_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ type EKSNodeGroup struct {
CapacityType string `json:"capacityType,omitempty"`
AMIReleaseVersion *string `json:"amiReleaseVersion,omitempty"`
Subnets []string `json:"subnets,omitempty"`
InstanceTypes []string `json:"instanceTypes,omitempty"`
AmazonMachineImage AmazonMachineImage `json:"amazonMachineImage,omitempty"`
UpdateConfig *EKSNodeGroupUpdateConfig `json:"updateConfig,omitempty"`
ScalingConfig *EKSNodeGroupScalingConfig `json:"scalingConfig,omitempty"`
LaunchTemplate *EC2LaunchTemplate `json:"launchTemplate,omitempty"`
Expand All @@ -115,14 +115,14 @@ type Reservation struct {
}

type Instance struct {
HttpPutResponseHopLimit *int32 `json:"httpPutResponseHopLimit,omitempty"`
PublicDnsName *string `json:"publicDnsName,omitempty"`
AmazonMachineImage *AmazonMachineImage `json:"amazonMachineImage,omitempty"`
HttpPutResponseHopLimit *int32 `json:"httpPutResponseHopLimit,omitempty"`
PublicDnsName *string `json:"publicDnsName,omitempty"`
}

type AmazonMachineImage struct {
Id *string `json:"id,omitempty"`
Name *string `json:"name,omitempty"`
InstanceType string `json:"instanceType,omitempty"`
Location *string `json:"location,omitempty"`
Type string `json:"type,omitempty"`
Architecture string `json:"architecture,omitempty"`
Expand Down
11 changes: 1 addition & 10 deletions api/v1alpha1/zz_generated.deepcopy.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

56 changes: 27 additions & 29 deletions charts/kyverno-aws-adapter/crds/security.nirmata.io_awsadapterconfigs.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,33 @@ spec:
description: EKSNodeGroup contains info of the EKS cluster's
node group
properties:
amazonMachineImage:
properties:
architecture:
type: string
creationTime:
type: string
deprecationTime:
type: string
id:
type: string
instanceType:
type: string
location:
type: string
name:
type: string
ownerId:
type: string
platformDetails:
type: string
public:
type: boolean
state:
type: string
type:
type: string
type: object
amiReleaseVersion:
type: string
amiType:
Expand All @@ -139,10 +166,6 @@ spec:
type: array
type: object
type: array
instanceTypes:
items:
type: string
type: array
labels:
additionalProperties:
type: string
Expand Down Expand Up @@ -248,31 +271,6 @@ spec:
type: integer
publicDnsName:
type: string
amazonMachineImage:
properties:
id:
type: string
name:
type: string
location:
type: string
type:
type: string
architecture:
type: string
public:
type: boolean
platformDetails:
type: string
ownerId:
type: string
creationTime:
type: string
deprecationTime:
type: string
state:
type: string
type: object
type: object
type: array
type: object
Expand Down
56 changes: 27 additions & 29 deletions config/crd/bases/security.nirmata.io_awsadapterconfigs.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,33 @@ spec:
description: EKSNodeGroup contains info of the EKS cluster's
node group
properties:
amazonMachineImage:
properties:
architecture:
type: string
creationTime:
type: string
deprecationTime:
type: string
id:
type: string
instanceType:
type: string
location:
type: string
name:
type: string
ownerId:
type: string
platformDetails:
type: string
public:
type: boolean
state:
type: string
type:
type: string
type: object
amiReleaseVersion:
type: string
amiType:
Expand All @@ -139,10 +166,6 @@ spec:
type: array
type: object
type: array
instanceTypes:
items:
type: string
type: array
labels:
additionalProperties:
type: string
Expand Down Expand Up @@ -243,31 +266,6 @@ spec:
instances:
items:
properties:
amazonMachineImage:
properties:
architecture:
type: string
creationTime:
type: string
deprecationTime:
type: string
id:
type: string
location:
type: string
name:
type: string
ownerId:
type: string
platformDetails:
type: string
public:
type: boolean
state:
type: string
type:
type: string
type: object
httpPutResponseHopLimit:
format: int32
type: integer
Expand Down
85 changes: 53 additions & 32 deletions controllers/awsadapterconfig_controller.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -253,9 +253,9 @@ func (r *AWSAdapterConfigReconciler) Reconcile(ctx context.Context, req ctrl.Req
}

if x, err := eksClient.ListNodegroups(context.TODO(), &eks.ListNodegroupsInput{ClusterName: objOld.Spec.Name}); err == nil {
objNew.Status.EKSCluster.Compute.NodeGroups = []*securityv1alpha1.EKSNodeGroup{}
pns-nirmata marked this conversation as resolved.
Show resolved Hide resolved
for _, v := range x.Nodegroups {
if y, err := eksClient.DescribeNodegroup(context.TODO(), &eks.DescribeNodegroupInput{ClusterName: objOld.Spec.Name, NodegroupName: &v}); err == nil {
objNew.Status.EKSCluster.Compute.NodeGroups = []*securityv1alpha1.EKSNodeGroup{}
var launchTemplate *securityv1alpha1.EC2LaunchTemplate
if y.Nodegroup.LaunchTemplate != nil {
launchTemplate = &securityv1alpha1.EC2LaunchTemplate{
Expand Down Expand Up @@ -297,6 +297,47 @@ func (r *AWSAdapterConfigReconciler) Reconcile(ctx context.Context, req ctrl.Req
}
}

x, err := ec2Client.DescribeInstances(context.TODO(), &ec2.DescribeInstancesInput{
Filters: []types.Filter{
{
Name: aws.String("tag:aws:eks:cluster-name"),
Values: []string{
*objOld.Spec.Name,
},
},
{
Name: aws.String("tag:eks:nodegroup-name"),
Values: []string{
v,
},
},
},
})
if err != nil {
l.Error(err, "error occurred while fetching EC2 instances")
return r.updateLastPollStatusFailure(ctx, objOld, "error occurred while fetching EC2 instances", err, &l, time.Now())
}

ami, err := getAmi(ctx, ec2Client, x.Reservations[0].Instances[0].ImageId)
if err != nil {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So it seems we are saving one of the many AMIs of the instances that a nodegroup might have. Because Nodegroup has a single AMIType, but multiple AMI Ids corresponding to that type, with variations in AMI fields like location, createtime, owner etc. Depending upon what fields of AMI are of interest, we might be ok with storing any one of the AMIs.

l.Error(err, "error occurred while fetching AMI")
return r.updateLastPollStatusFailure(ctx, objOld, "error occurred while fetching AMI", err, &l, time.Now())
}
amazonMachineImage := securityv1alpha1.AmazonMachineImage{
Id: ami.ImageId,
Name: ami.Name,
InstanceType: y.Nodegroup.InstanceTypes[0],
Location: ami.ImageLocation,
Type: string(ami.ImageType),
Architecture: string(ami.Architecture),
Public: ami.Public,
PlatformDetails: ami.PlatformDetails,
Ownerid: ami.OwnerId,
CreationTime: ami.CreationDate,
DeprecationTime: ami.DeprecationTime,
State: string(ami.State),
}

objNew.Status.EKSCluster.Compute.NodeGroups = append(objNew.Status.EKSCluster.Compute.NodeGroups, &securityv1alpha1.EKSNodeGroup{
Name: v,
ScalingConfig: &securityv1alpha1.EKSNodeGroupScalingConfig{
Expand All @@ -309,10 +350,10 @@ func (r *AWSAdapterConfigReconciler) Reconcile(ctx context.Context, req ctrl.Req
AMIReleaseVersion: y.Nodegroup.ReleaseVersion,
HealthIssues: healthIssues,
AMIType: string(y.Nodegroup.AmiType),
AmazonMachineImage: amazonMachineImage,
CapacityType: string(y.Nodegroup.CapacityType),
CreatedAt: y.Nodegroup.CreatedAt.String(),
DiskSize: y.Nodegroup.DiskSize,
InstanceTypes: y.Nodegroup.InstanceTypes,
NodegroupArn: y.Nodegroup.NodegroupArn,
NodeRole: y.Nodegroup.NodeRole,
RemoteAccessConfig: remoteAccessConfig,
Expand Down Expand Up @@ -370,40 +411,20 @@ func (r *AWSAdapterConfigReconciler) Reconcile(ctx context.Context, req ctrl.Req
l.Error(err, "error occurred while fetching EC2 instances")
return r.updateLastPollStatusFailure(ctx, objOld, "error occurred while fetching EC2 instances", err, &l, time.Now())
} else {
tmpRes := []*securityv1alpha1.Reservation{}
for _, res := range x.Reservations {
tmpRes := []*securityv1alpha1.Reservation{}
tmpIn := []*securityv1alpha1.Instance{}
for _, i := range res.Instances {
if ami, err := getAmi(ctx, ec2Client, i.ImageId); err != nil {
l.Error(err, "error occurred while fetching AMI")
return r.updateLastPollStatusFailure(ctx, objOld, "error occurred while fetching AMI", err, &l, time.Now())
} else {
tmpAmi := &securityv1alpha1.AmazonMachineImage{
Id: ami.ImageId,
Name: ami.Name,
Location: ami.ImageLocation,
Type: string(ami.ImageType),
Architecture: string(ami.Architecture),
Public: ami.Public,
PlatformDetails: ami.PlatformDetails,
Ownerid: ami.OwnerId,
CreationTime: ami.CreationDate,
DeprecationTime: ami.DeprecationTime,
State: string(ami.State),
}

tmpIn := []*securityv1alpha1.Instance{}
tmpIn = append(tmpIn, &securityv1alpha1.Instance{
PublicDnsName: i.PublicDnsName,
HttpPutResponseHopLimit: i.MetadataOptions.HttpPutResponseHopLimit,
AmazonMachineImage: tmpAmi,
})
tmpRes = append(tmpRes, &securityv1alpha1.Reservation{
Instances: tmpIn,
})
}
tmpIn = append(tmpIn, &securityv1alpha1.Instance{
PublicDnsName: i.PublicDnsName,
HttpPutResponseHopLimit: i.MetadataOptions.HttpPutResponseHopLimit,
})
}
objNew.Status.EKSCluster.Compute.Reservations = tmpRes
tmpRes = append(tmpRes, &securityv1alpha1.Reservation{
Instances: tmpIn,
})
}
objNew.Status.EKSCluster.Compute.Reservations = tmpRes
}

if x, err := ecrClient.DescribeRepositories(ctx, &ecr.DescribeRepositoriesInput{}); err != nil {
Expand Down