From ed2f5eda9c1dea8c99a755a86e1fbc482a9dff2b Mon Sep 17 00:00:00 2001 From: Nishchay Date: Thu, 30 Apr 2026 18:03:37 -0700 Subject: [PATCH] fix: dont run scriptless phase2 if preprovision is turned on --- e2e/vmss.go | 2 +- pkg/agent/baker.go | 4 +-- pkg/agent/baker_test.go | 68 +++++++++++++++++++++++++++++++++++++++-- 3 files changed, 68 insertions(+), 6 deletions(-) diff --git a/e2e/vmss.go b/e2e/vmss.go index e84fe77a6fc..d9260bf6407 100644 --- a/e2e/vmss.go +++ b/e2e/vmss.go @@ -355,7 +355,7 @@ func createVMSSModel(ctx context.Context, s *Scenario) armcompute.VirtualMachine require.NoError(s.T, err) cse = nodeBootstrapping.CSE customData = nodeBootstrapping.CustomData - if s.Runtime.NBC.EnableScriptlessNBCCSECmd && !config.Config.DisableScriptLessCompilation && !s.Tags.NetworkIsolated { + if s.Runtime.NBC.EnableScriptlessNBCCSECmd && !config.Config.DisableScriptLessCompilation && !s.Tags.NetworkIsolated && !s.Runtime.NBC.PreProvisionOnly { binaryURL, err := CachedCompileAndUploadAKSNodeController(ctx, s.VHD.Arch) require.NoError(s.T, err, "failed to compile and upload aks-node-controller binary") customData, err = CustomDataWithNBCCmdHack(s, customData, binaryURL) diff --git a/pkg/agent/baker.go b/pkg/agent/baker.go index 7767f8228a4..e3d2d24aa7f 100644 --- a/pkg/agent/baker.go +++ b/pkg/agent/baker.go @@ -92,7 +92,7 @@ func (t *TemplateGenerator) getWindowsNodeBootstrappingPayload(config *datamodel } func (t *TemplateGenerator) getLinuxNodeBootstrappingPayload(config *datamodel.NodeBootstrappingConfiguration) string { - if config.EnableScriptlessNBCCSECmd { + if config.EnableScriptlessNBCCSECmd && !config.PreProvisionOnly { config.DisableCustomData = true config.EnableScriptlessCSECmd = true nbcCMD := t.getLinuxNodeCSECommand(config) @@ -352,7 +352,7 @@ func (t *TemplateGenerator) getNodeBootstrappingCmd(config *datamodel.NodeBootst if config.AgentPoolProfile.IsWindows() { return t.getWindowsNodeCSECommand(config) } - if config.EnableScriptlessNBCCSECmd { + if config.EnableScriptlessNBCCSECmd && !config.PreProvisionOnly { return "/opt/azure/containers/aks-node-controller provision-wait" } return t.getLinuxNodeCSECommand(config) diff --git a/pkg/agent/baker_test.go b/pkg/agent/baker_test.go index d4569f09565..3e4b2c17670 100644 --- a/pkg/agent/baker_test.go +++ b/pkg/agent/baker_test.go @@ -1286,14 +1286,14 @@ var _ = Describe("getLinuxNodeCSECommand", func() { }) var _ = Describe("getLinuxNodeBootstrappingPayload", func() { - It("should persist nodecustomdata in the scriptless NBC boothook", func() { - templateGenerator := InitializeTemplateGenerator() + newConfig := func(preProvisionOnly bool) *datamodel.NodeBootstrappingConfiguration { agentPoolProfile := &datamodel.AgentPoolProfile{ Name: "nodepool1", OSType: datamodel.Linux, Distro: datamodel.AKSUbuntuContainerd2204Gen2, } - config := &datamodel.NodeBootstrappingConfiguration{ + + return &datamodel.NodeBootstrappingConfiguration{ ContainerService: &datamodel.ContainerService{ Location: "eastus", Properties: &datamodel.Properties{ @@ -1315,7 +1315,13 @@ var _ = Describe("getLinuxNodeBootstrappingPayload", func() { K8sComponents: &datamodel.K8sComponents{}, KubeletConfig: map[string]string{}, EnableScriptlessNBCCSECmd: true, + PreProvisionOnly: preProvisionOnly, } + } + + It("should persist nodecustomdata in the scriptless NBC boothook", func() { + templateGenerator := InitializeTemplateGenerator() + config := newConfig(false) payload := templateGenerator.getLinuxNodeBootstrappingPayload(config) decodedPayload, err := base64.StdEncoding.DecodeString(payload) @@ -1330,6 +1336,62 @@ var _ = Describe("getLinuxNodeBootstrappingPayload", func() { Expect(string(decodedPayload)).To(ContainSubstring(encodedNodeCustomData)) Expect(string(decodedPayload)).To(ContainSubstring(nbcCmdFilePath)) }) + + It("should fall back to regular custom data when pre-provisioning is enabled", func() { + templateGenerator := InitializeTemplateGenerator() + config := newConfig(true) + + payload := templateGenerator.getLinuxNodeBootstrappingPayload(config) + decodedPayload, err := base64.StdEncoding.DecodeString(payload) + Expect(err).NotTo(HaveOccurred()) + + decompressedPayload, err := getGzipDecodedValue(decodedPayload) + Expect(err).NotTo(HaveOccurred()) + + expectedCustomData := getCustomDataFromJSON(templateGenerator.getLinuxNodeCustomDataJSONObject(config)) + + Expect(string(decompressedPayload)).To(Equal(expectedCustomData)) + Expect(string(decompressedPayload)).NotTo(ContainSubstring(nodeCustomDataPath)) + Expect(string(decompressedPayload)).NotTo(ContainSubstring(nbcCmdFilePath)) + }) +}) + +var _ = Describe("getNodeBootstrappingCmd", func() { + It("should use the regular linux CSE command when pre-provisioning is enabled", func() { + templateGenerator := InitializeTemplateGenerator() + agentPoolProfile := &datamodel.AgentPoolProfile{ + Name: "nodepool1", + OSType: datamodel.Linux, + Distro: datamodel.AKSUbuntuContainerd2204Gen2, + } + config := &datamodel.NodeBootstrappingConfiguration{ + ContainerService: &datamodel.ContainerService{ + Location: "eastus", + Properties: &datamodel.Properties{ + OrchestratorProfile: &datamodel.OrchestratorProfile{ + OrchestratorVersion: "1.29.0", + OrchestratorType: datamodel.Kubernetes, + KubernetesConfig: &datamodel.KubernetesConfig{ + ContainerRuntimeConfig: map[string]string{}, + }, + }, + HostedMasterProfile: &datamodel.HostedMasterProfile{ + FQDN: "test-cluster.hcp.eastus.azmk8s.io", + }, + AgentPoolProfiles: []*datamodel.AgentPoolProfile{agentPoolProfile}, + }, + }, + AgentPoolProfile: agentPoolProfile, + CloudSpecConfig: datamodel.AzurePublicCloudSpecForTest, + K8sComponents: &datamodel.K8sComponents{}, + KubeletConfig: map[string]string{}, + EnableScriptlessNBCCSECmd: true, + PreProvisionOnly: true, + } + + Expect(templateGenerator.getNodeBootstrappingCmd(config)).To(Equal(templateGenerator.getLinuxNodeCSECommand(config))) + Expect(templateGenerator.getNodeBootstrappingCmd(config)).NotTo(Equal("/opt/azure/containers/aks-node-controller provision-wait")) + }) }) var _ = Describe("cloudInitToButane", func() {