From 36930ce2f4d4dbfdd9ac52422d4caf62ea709a56 Mon Sep 17 00:00:00 2001 From: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Date: Tue, 5 Oct 2021 15:05:32 +0200 Subject: [PATCH 1/2] Check if managed addons are set when ipv6 is enabled --- examples/29-vpc-with-ip-family.yaml | 5 ++++ pkg/apis/eksctl.io/v1alpha5/types.go | 7 ++++++ pkg/apis/eksctl.io/v1alpha5/validation.go | 24 +++++++++++++++++++ .../eksctl.io/v1alpha5/validation_test.go | 16 +++++++++++++ userdocs/src/usage/vpc-networking.md | 7 +++++- 5 files changed, 58 insertions(+), 1 deletion(-) diff --git a/examples/29-vpc-with-ip-family.yaml b/examples/29-vpc-with-ip-family.yaml index 78792bf93a..e093d7f885 100644 --- a/examples/29-vpc-with-ip-family.yaml +++ b/examples/29-vpc-with-ip-family.yaml @@ -11,4 +11,9 @@ metadata: vpc: ipFamily: IPv6 +addons: + - name: vpc-cni + - name: coredns + - name: kube-proxy + managedNodeGroups: [] diff --git a/pkg/apis/eksctl.io/v1alpha5/types.go b/pkg/apis/eksctl.io/v1alpha5/types.go index 2569a020df..30ac35f697 100644 --- a/pkg/apis/eksctl.io/v1alpha5/types.go +++ b/pkg/apis/eksctl.io/v1alpha5/types.go @@ -325,6 +325,13 @@ const ( IPV6Family IPFamily = "IPv6" ) +// Values for core addons +const ( + VPCCNIAddon = "vpc-cni" + KubeProxyAddon = "kube-proxy" + CoreDNSAddon = "coredns" +) + var ( // DefaultIPFamily defines the default IP family to use when creating a new VPC. DefaultIPFamily = IPV4Family diff --git a/pkg/apis/eksctl.io/v1alpha5/validation.go b/pkg/apis/eksctl.io/v1alpha5/validation.go index d22c75ac34..c3ce4160e1 100644 --- a/pkg/apis/eksctl.io/v1alpha5/validation.go +++ b/pkg/apis/eksctl.io/v1alpha5/validation.go @@ -169,10 +169,34 @@ func (c *ClusterConfig) ValidateVPCConfig() error { if *v != string(IPV4Family) && *v != string(IPV6Family) { return fmt.Errorf("invalid value %s for ipFamily; allowed are %s and %s", *v, IPV4Family, IPV6Family) } + // This is the new vpc check, I need this check when the user sets it. + if *v == string(IPV6Family) { + if missing := c.addonContainsManagedAddons([]string{VPCCNIAddon, CoreDNSAddon, KubeProxyAddon}); len(missing) != 0 { + return fmt.Errorf("the default core addons must be defined in case of IPv6; missing addon(s): %s", strings.Join(missing, ", ")) + } + } } return nil } +// addonContainsManagedAddons finds managed addons in the config and returns those it couldn't find. +func (c *ClusterConfig) addonContainsManagedAddons(addons []string) []string { + var missing []string + for _, a := range addons { + found := false + for _, add := range c.Addons { + if strings.ToLower(add.Name) == a { + found = true + break + } + } + if !found { + missing = append(missing, a) + } + } + return missing +} + // ValidateClusterEndpointConfig checks the endpoint configuration for potential issues func (c *ClusterConfig) ValidateClusterEndpointConfig() error { if !c.HasClusterEndpointAccess() { diff --git a/pkg/apis/eksctl.io/v1alpha5/validation_test.go b/pkg/apis/eksctl.io/v1alpha5/validation_test.go index 269097a8b0..02d61838c8 100644 --- a/pkg/apis/eksctl.io/v1alpha5/validation_test.go +++ b/pkg/apis/eksctl.io/v1alpha5/validation_test.go @@ -546,10 +546,26 @@ var _ = Describe("ClusterConfig validation", func() { It("accepts that setting", func() { ipv6 := string(api.IPV6Family) cfg.VPC.IPFamily = &ipv6 + cfg.Addons = append(cfg.Addons, + &api.Addon{Name: api.KubeProxyAddon}, + &api.Addon{Name: api.CoreDNSAddon}, + &api.Addon{Name: api.VPCCNIAddon}, + ) err = cfg.ValidateVPCConfig() Expect(err).ToNot(HaveOccurred()) }) }) + When("ipFamily is set ot IPv6 but no managed addons are provided", func() { + It("it returns an error including which addons are missing", func() { + ipv6 := string(api.IPV6Family) + cfg.VPC.IPFamily = &ipv6 + cfg.Addons = append(cfg.Addons, + &api.Addon{Name: api.KubeProxyAddon}, + ) + err = cfg.ValidateVPCConfig() + Expect(err).To(MatchError(ContainSubstring("the default core addons must be defined in case of IPv6; missing addon(s): vpc-cni, coredns"))) + }) + }) When("ipFamily isn't IPv4 or IPv6", func() { It("returns an error", func() { invalid := "invalid" diff --git a/userdocs/src/usage/vpc-networking.md b/userdocs/src/usage/vpc-networking.md index fe861a7462..bfb773a3d4 100644 --- a/userdocs/src/usage/vpc-networking.md +++ b/userdocs/src/usage/vpc-networking.md @@ -40,9 +40,14 @@ metadata: vpc: ipFamily: IPv6 # or IPv4 + +addons: + - name: vpc-cni + - name: coredns + - name: kube-proxy ``` -This is an in config file setting only. The default value is `IPv4`. +This is an in config file setting only and managed addons need to be defined when IPv6 is set. The default value is `IPv4`. ## Change VPC CIDR From 5a2cf62d8abd847e95ec50c9789f338f52cc145f Mon Sep 17 00:00:00 2001 From: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Date: Tue, 5 Oct 2021 20:44:56 +0200 Subject: [PATCH 2/2] Update userdocs/src/usage/vpc-networking.md Co-authored-by: Jake Klein --- userdocs/src/usage/vpc-networking.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/userdocs/src/usage/vpc-networking.md b/userdocs/src/usage/vpc-networking.md index bfb773a3d4..177b1d83a8 100644 --- a/userdocs/src/usage/vpc-networking.md +++ b/userdocs/src/usage/vpc-networking.md @@ -47,7 +47,7 @@ addons: - name: kube-proxy ``` -This is an in config file setting only and managed addons need to be defined when IPv6 is set. The default value is `IPv4`. +This is an in config file setting only and default core addons need to be defined when IPv6 is set. The default value is `IPv4`. ## Change VPC CIDR