feat: Enabling SSH on windows nodes by default (Azure#2759)

AbelHu · May 26, 2020 · 326e014 · 326e014
1 parent 2c68d52
commit 326e014
Show file tree

Hide file tree

Showing 13 changed files with 159 additions and 46 deletions.
diff --git a/pkg/api/const.go b/pkg/api/const.go
@@ -468,6 +468,8 @@ const (
 	DefaultNonMasqueradeCIDR = "0.0.0.0/0"
 	// DefaultKubeProxyMode is the default KubeProxyMode value
 	DefaultKubeProxyMode KubeProxyMode = KubeProxyModeIPTables
+	// DefaultWindowsSSHEnabled is the default windowsProfile.sshEnabled value
+	DefaultWindowsSSHEnabled = true
 )
 
 const (

diff --git a/pkg/api/converterfromapi.go b/pkg/api/converterfromapi.go
@@ -206,7 +206,9 @@ func convertWindowsProfileToVLabs(api *WindowsProfile, vlabsProfile *vlabs.Windo
 		convertKeyVaultSecretsToVlabs(&s, secret)
 		vlabsProfile.Secrets = append(vlabsProfile.Secrets, *secret)
 	}
-	vlabsProfile.SSHEnabled = api.SSHEnabled
+	if api.SSHEnabled != nil {
+		vlabsProfile.SSHEnabled = api.SSHEnabled
+	}
 	vlabsProfile.EnableAutomaticUpdates = api.EnableAutomaticUpdates
 	if api.LicenseType != nil {
 		licenseType := vlabs.WindowsLicenseType(*api.LicenseType)

diff --git a/pkg/api/converterfromapi_test.go b/pkg/api/converterfromapi_test.go
@@ -766,7 +766,7 @@ func TestConvertWindowsProfileToVlabs(t *testing.T) {
 				AdminPassword:          "password",
 				EnableAutomaticUpdates: &falseVar,
 				ImageVersion:           "17763.615.1907121548",
-				SSHEnabled:             false,
+				SSHEnabled:             &falseVar,
 				WindowsPublisher:       "MicrosoftWindowsServer",
 				WindowsOffer:           "WindowsServer",
 				WindowsSku:             "2019-Datacenter-Core-smalldisk",
@@ -778,7 +778,7 @@ func TestConvertWindowsProfileToVlabs(t *testing.T) {
 				AdminPassword:          "password",
 				EnableAutomaticUpdates: &falseVar,
 				ImageVersion:           "17763.615.1907121548",
-				SSHEnabled:             false,
+				SSHEnabled:             &falseVar,
 				WindowsPublisher:       "MicrosoftWindowsServer",
 				WindowsOffer:           "WindowsServer",
 				WindowsSku:             "2019-Datacenter-Core-smalldisk",

diff --git a/pkg/api/convertertoapi.go b/pkg/api/convertertoapi.go
@@ -200,7 +200,9 @@ func convertVLabsWindowsProfile(vlabs *vlabs.WindowsProfile, api *WindowsProfile
 		convertVLabsKeyVaultSecrets(&s, secret)
 		api.Secrets = append(api.Secrets, *secret)
 	}
-	api.SSHEnabled = vlabs.SSHEnabled
+	if vlabs.SSHEnabled != nil {
+		api.SSHEnabled = vlabs.SSHEnabled
+	}
 	api.EnableAutomaticUpdates = vlabs.EnableAutomaticUpdates
 	if vlabs.LicenseType != nil {
 		licenseType := WindowsLicenseType(*vlabs.LicenseType)

diff --git a/pkg/api/convertertoapi_test.go b/pkg/api/convertertoapi_test.go
@@ -876,7 +876,7 @@ func TestConvertVLabsWindowsProfile(t *testing.T) {
 				AdminPassword:          "password",
 				EnableAutomaticUpdates: &falseVar,
 				ImageVersion:           "17763.615.1907121548",
-				SSHEnabled:             false,
+				SSHEnabled:             &falseVar,
 				WindowsPublisher:       "MicrosoftWindowsServer",
 				WindowsOffer:           "WindowsServer",
 				WindowsSku:             "2019-Datacenter-Core-smalldisk",
@@ -888,7 +888,7 @@ func TestConvertVLabsWindowsProfile(t *testing.T) {
 				AdminPassword:          "password",
 				EnableAutomaticUpdates: &falseVar,
 				ImageVersion:           "17763.615.1907121548",
-				SSHEnabled:             false,
+				SSHEnabled:             &falseVar,
 				WindowsPublisher:       "MicrosoftWindowsServer",
 				WindowsOffer:           "WindowsServer",
 				WindowsSku:             "2019-Datacenter-Core-smalldisk",

diff --git a/pkg/api/defaults.go b/pkg/api/defaults.go
@@ -712,24 +712,52 @@ func (p *Properties) setAgentProfileDefaults(isUpgrade, isScale bool) {
 func (p *Properties) setWindowsProfileDefaults(isUpgrade, isScale bool) {
 	windowsProfile := p.WindowsProfile
 	if !isUpgrade && !isScale {
-		if windowsProfile.WindowsPublisher == "" {
-			windowsProfile.WindowsPublisher = AKSWindowsServer2019OSImageConfig.ImagePublisher
-		}
-		if windowsProfile.WindowsOffer == "" {
-			windowsProfile.WindowsOffer = AKSWindowsServer2019OSImageConfig.ImageOffer
-		}
-		if windowsProfile.WindowsSku == "" {
-			windowsProfile.WindowsSku = AKSWindowsServer2019OSImageConfig.ImageSku
+		if windowsProfile.SSHEnabled == nil {
+			windowsProfile.SSHEnabled = to.BoolPtr(DefaultWindowsSSHEnabled)
 		}
 
-		if windowsProfile.ImageVersion == "" {
-			// default versions are specific to a publisher/offer/sku
-			if windowsProfile.WindowsPublisher == AKSWindowsServer2019OSImageConfig.ImagePublisher && windowsProfile.WindowsOffer == AKSWindowsServer2019OSImageConfig.ImageOffer && windowsProfile.WindowsSku == AKSWindowsServer2019OSImageConfig.ImageSku {
-				windowsProfile.ImageVersion = AKSWindowsServer2019OSImageConfig.ImageVersion
-			} else if windowsProfile.WindowsPublisher == WindowsServer2019OSImageConfig.ImagePublisher && windowsProfile.WindowsOffer == WindowsServer2019OSImageConfig.ImageOffer && windowsProfile.WindowsSku == WindowsServer2019OSImageConfig.ImageSku {
-				windowsProfile.ImageVersion = WindowsServer2019OSImageConfig.ImageVersion
-			} else {
-				windowsProfile.ImageVersion = "latest"
+		// This allows caller to use the latest ImageVersion and WindowsSku for adding a new Windows pool to an existing cluster.
+		// We must assure that same WindowsPublisher and WindowsOffer are used in an existing cluster.
+		if windowsProfile.WindowsPublisher == AKSWindowsServer2019OSImageConfig.ImagePublisher && windowsProfile.WindowsOffer == AKSWindowsServer2019OSImageConfig.ImageOffer {
+			if windowsProfile.WindowsSku == "" {
+				windowsProfile.WindowsSku = AKSWindowsServer2019OSImageConfig.ImageSku
+			}
+			if windowsProfile.ImageVersion == "" {
+				if windowsProfile.WindowsSku == AKSWindowsServer2019OSImageConfig.ImageSku {
+					windowsProfile.ImageVersion = AKSWindowsServer2019OSImageConfig.ImageVersion
+				} else {
+					windowsProfile.ImageVersion = "latest"
+				}
+			}
+		} else if windowsProfile.WindowsPublisher == WindowsServer2019OSImageConfig.ImagePublisher && windowsProfile.WindowsOffer == WindowsServer2019OSImageConfig.ImageOffer {
+			if windowsProfile.WindowsSku == "" {
+				windowsProfile.WindowsSku = WindowsServer2019OSImageConfig.ImageSku
+			}
+			if windowsProfile.ImageVersion == "" {
+				if windowsProfile.WindowsSku == WindowsServer2019OSImageConfig.ImageSku {
+					windowsProfile.ImageVersion = WindowsServer2019OSImageConfig.ImageVersion
+				} else {
+					windowsProfile.ImageVersion = "latest"
+				}
+			}
+		} else {
+			if windowsProfile.WindowsPublisher == "" {
+				windowsProfile.WindowsPublisher = AKSWindowsServer2019OSImageConfig.ImagePublisher
+			}
+			if windowsProfile.WindowsOffer == "" {
+				windowsProfile.WindowsOffer = AKSWindowsServer2019OSImageConfig.ImageOffer
+			}
+			if windowsProfile.WindowsSku == "" {
+				windowsProfile.WindowsSku = AKSWindowsServer2019OSImageConfig.ImageSku
+			}
+
+			if windowsProfile.ImageVersion == "" {
+				// default versions are specific to a publisher/offer/sku
+				if windowsProfile.WindowsPublisher == AKSWindowsServer2019OSImageConfig.ImagePublisher && windowsProfile.WindowsOffer == AKSWindowsServer2019OSImageConfig.ImageOffer && windowsProfile.WindowsSku == AKSWindowsServer2019OSImageConfig.ImageSku {
+					windowsProfile.ImageVersion = AKSWindowsServer2019OSImageConfig.ImageVersion
+				} else {
+					windowsProfile.ImageVersion = "latest"
+				}
 			}
 		}
 	} else if isUpgrade {

diff --git a/pkg/api/defaults_test.go b/pkg/api/defaults_test.go
@@ -1743,6 +1743,7 @@ func TestDistroDefaults(t *testing.T) {
 }
 
 func TestWindowsProfileDefaults(t *testing.T) {
+	trueVar := true
 
 	var tests = []struct {
 		name                   string // test case name
@@ -1764,7 +1765,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            &trueVar,
 			},
 			false,
 			false,
@@ -1786,14 +1787,36 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            &trueVar,
 			},
 			false,
 			false,
 			false,
 		},
 		{
-			"aks vhd specific version in creating",
+			"aks vhd override sku in creating",
+			WindowsProfile{
+				WindowsPublisher: AKSWindowsServer2019OSImageConfig.ImagePublisher,
+				WindowsOffer:     AKSWindowsServer2019OSImageConfig.ImageOffer,
+				WindowsSku:       "override",
+			},
+			WindowsProfile{
+				WindowsPublisher:      AKSWindowsServer2019OSImageConfig.ImagePublisher,
+				WindowsOffer:          AKSWindowsServer2019OSImageConfig.ImageOffer,
+				WindowsSku:            "override",
+				ImageVersion:          "latest",
+				AdminUsername:         "",
+				AdminPassword:         "",
+				WindowsImageSourceURL: "",
+				WindowsDockerVersion:  "",
+				SSHEnabled:            &trueVar,
+			},
+			false,
+			false,
+			false,
+		},
+		{
+			"aks vhd override version in creating",
 			WindowsProfile{
 				WindowsPublisher: AKSWindowsServer2019OSImageConfig.ImagePublisher,
 				WindowsOffer:     AKSWindowsServer2019OSImageConfig.ImageOffer,
@@ -1809,7 +1832,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            &trueVar,
 			},
 			false,
 			false,
@@ -1831,7 +1854,51 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            &trueVar,
+			},
+			false,
+			false,
+			false,
+		},
+		{
+			"vanilla vhd override sku in creating",
+			WindowsProfile{
+				WindowsPublisher: WindowsServer2019OSImageConfig.ImagePublisher,
+				WindowsOffer:     WindowsServer2019OSImageConfig.ImageOffer,
+				WindowsSku:       "override",
+			},
+			WindowsProfile{
+				WindowsPublisher:      WindowsServer2019OSImageConfig.ImagePublisher,
+				WindowsOffer:          WindowsServer2019OSImageConfig.ImageOffer,
+				WindowsSku:            "override",
+				ImageVersion:          "latest",
+				AdminUsername:         "",
+				AdminPassword:         "",
+				WindowsImageSourceURL: "",
+				WindowsDockerVersion:  "",
+				SSHEnabled:            &trueVar,
+			},
+			false,
+			false,
+			false,
+		},
+		{
+			"vanilla vhd override version in creating",
+			WindowsProfile{
+				WindowsPublisher: WindowsServer2019OSImageConfig.ImagePublisher,
+				WindowsOffer:     WindowsServer2019OSImageConfig.ImageOffer,
+				ImageVersion:     "override",
+			},
+			WindowsProfile{
+				WindowsPublisher:      WindowsServer2019OSImageConfig.ImagePublisher,
+				WindowsOffer:          WindowsServer2019OSImageConfig.ImageOffer,
+				WindowsSku:            WindowsServer2019OSImageConfig.ImageSku,
+				ImageVersion:          "override",
+				AdminUsername:         "",
+				AdminPassword:         "",
+				WindowsImageSourceURL: "",
+				WindowsDockerVersion:  "",
+				SSHEnabled:            &trueVar,
 			},
 			false,
 			false,
@@ -1854,7 +1921,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            &trueVar,
 			},
 			false,
 			false,
@@ -1876,7 +1943,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            &trueVar,
 			},
 			false,
 			false,
@@ -1899,7 +1966,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            &trueVar,
 			},
 			false,
 			false,
@@ -1922,7 +1989,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            nil,
 			},
 			false,
 			true,
@@ -1945,7 +2012,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            nil,
 			},
 			false,
 			true,
@@ -1968,7 +2035,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            nil,
 			},
 			false,
 			true,
@@ -1991,7 +2058,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            nil,
 			},
 			false,
 			true,
@@ -2014,7 +2081,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            nil,
 			},
 			false,
 			true,
@@ -2037,7 +2104,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            nil,
 			},
 			false,
 			true,
@@ -2060,7 +2127,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
 				AdminPassword:         "",
 				WindowsImageSourceURL: "",
 				WindowsDockerVersion:  "",
-				SSHEnabled:            false,
+				SSHEnabled:            nil,
 			},
 			false,
 			false,

diff --git a/pkg/api/types.go b/pkg/api/types.go
@@ -1702,6 +1702,14 @@ func (w *WindowsProfile) GetWindowsSku() string {
 	return KubernetesDefaultWindowsSku
 }
 
+// GetSSHEnabled gets it ssh should be enabled for Windows nodes
+func (w *WindowsProfile) GetSSHEnabled() bool {
+	if w.SSHEnabled != nil {
+		return *w.SSHEnabled
+	}
+	return DefaultWindowsSSHEnabled
+}
+
 // GetEnableWindowsUpdate gets the flag for enable windows update or returns the default value
 func (w *WindowsProfile) GetEnableWindowsUpdate() bool {
 	if w.EnableAutomaticUpdates != nil {

diff --git a/pkg/api/types_test.go b/pkg/api/types_test.go
@@ -3257,6 +3257,7 @@ func TestIsDCOS19(t *testing.T) {
 }
 
 func TestWindowsProfile(t *testing.T) {
+	trueVar := true
 	w := WindowsProfile{}
 
 	if w.HasSecrets() || w.HasCustomImage() {
@@ -3334,7 +3335,7 @@ func TestWindowsProfile(t *testing.T) {
 	w = WindowsProfile{
 		WindowsDockerVersion:      "18.03.1-ee-3",
 		WindowsSku:                "Datacenter-Core-1809-with-Containers-smalldisk",
-		SSHEnabled:                true,
+		SSHEnabled:                &trueVar,
 		IsCredentialAutoGenerated: to.BoolPtr(false),
 		LicenseType:               &licenseType,
 	}
@@ -3349,7 +3350,7 @@ func TestWindowsProfile(t *testing.T) {
 		t.Fatalf("Expected GetWindowsSku() to equal Datacenter-Core-1809-with-Containers-smalldisk, got %s", windowsSku)
 	}
 
-	se := w.SSHEnabled
+	se := w.GetSSHEnabled()
 	if !se {
 		t.Fatalf("Expected SSHEnabled to return true, got %v", se)
 	}

diff --git a/pkg/engine/template_generator.go b/pkg/engine/template_generator.go
@@ -592,7 +592,7 @@ func getContainerServiceFuncMap(cs *api.ContainerService) template.FuncMap {
 			return cs.Properties.WindowsProfile.HasCustomImage()
 		},
 		"WindowsSSHEnabled": func() bool {
-			return cs.Properties.WindowsProfile.SSHEnabled
+			return cs.Properties.WindowsProfile.GetSSHEnabled()
 		},
 		"GetConfigurationScriptRootURL": func() string {
 			linuxProfile := cs.Properties.LinuxProfile