Removed hardcoding for AMIs in bastion host and added latest AMI lookup

[Ankitasw]

What type of PR is this?
/kind feature

What this PR does / why we need it:
Currently, default AMIs used for bastion are hardcoded. This PR enables to lookup the latest images published by Ubuntu.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #3108

Checklist:

• squashed commits
• includes documentation
• adds unit tests
• adds or updates e2e tests

Release note:

- Added latest AMI lookup for bastion host and removed hardcoded AMIs.
- Added unit tests for bastion.go

[k8s-ci-robot]

@Ankitasw: This issue is currently awaiting triage.

If CAPA/CAPI contributors determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[Ankitasw]

/test pull-cluster-api-provider-aws-e2e

[Ankitasw]

/retest

[sedefsavas]

Would be good to have a section that explains which images we use by default for bastions under accessing ec2 instances section in the book.

Just to confirm, have you tested this locally by bringing up a bastion host?

[Ankitasw]

I will add the documentation.
I have not tested it locally but i checked e2e tests looks fine, would that not suffice? If not, i will check it locally.

[sedefsavas]

I will add the documentation. I have not tested it locally but i checked e2e tests looks fine, would that not suffice? If not, i will check it locally.

If we have a bastion host enabled template probably enough, but probably need to look at the controller logs if creating bastion instance is successful or not because we don't have any checks in the tests. Would be good to make sure locally as well.

[Ankitasw]

If we have a bastion host enabled template probably enough, but probably need to look at the controller logs if creating bastion instance is successful or not because we don't have any checks in the tests. Would be good to make sure locally as well.

I checked that in any of E2E templates we are not setting bastion as enabled, shall we add it to one of the existing tests so that this is tested?
Also, I have tested locally, and checked the logs, it's creating bastion host successfully.

I0311 08:37:10.465774 8 bastion.go:91] controller/awscluster "msg"="Created new bastion host" "cluster"="capi-bastion-test" "name"="capi-bastion-test" "namespace"="default" "reconciler group"="infrastructure.cluster.x-k8s.io" "reconciler kind"="AWSCluster" "id"="i-02b3c36d4135c037d"

And the AMI fetched is the latest one:

aws ec2 describe-images --image-ids ami-01896de1f162f0ab7 --region us-east-1                                                                                 ✔ 

{
    "Images": [
        {
            "Architecture": "x86_64",
            "CreationDate": "2022-03-08T23:53:51.000Z",
            "ImageId": "ami-01896de1f162f0ab7",
            "ImageLocation": "099720109477/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20220308",
            "ImageType": "machine",
            "Public": true,
            "OwnerId": "099720109477",
            "PlatformDetails": "Linux/UNIX",
            "UsageOperation": "RunInstances",
            "State": "available",
            "BlockDeviceMappings": [
                {
                    "DeviceName": "/dev/sda1",
                    "Ebs": {
                        "DeleteOnTermination": true,
                        "SnapshotId": "snap-0747283fe9fceac10",
                        "VolumeSize": 8,
                        "VolumeType": "gp2",
                        "Encrypted": false
                    }
                },
                {
                    "DeviceName": "/dev/sdb",
                    "VirtualName": "ephemeral0"
                },
                {
                    "DeviceName": "/dev/sdc",
                    "VirtualName": "ephemeral1"
                }
            ],
            "Description": "Canonical, Ubuntu, 20.04 LTS, amd64 focal image build on 2022-03-08",
            "EnaSupport": true,
            "Hypervisor": "xen",
            "Name": "ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20220308",
            "RootDeviceName": "/dev/sda1",
            "RootDeviceType": "ebs",
            "SriovNetSupport": "simple",
            "VirtualizationType": "hvm"
        }
    ]
}

[Ankitasw]

Would be good to have a section that explains which images we use by default for bastions under accessing ec2 instances section in the book.

@sedefsavas The default latest AMIs that are being used as of now shall be listed there? If yes, we will need to update it everytime the latest AMIs are published right? Or do we just want to specify that we use ubuntu cloud images?

[Ankitasw]

@sedefsavas Let me know if this statement would suffice? Wdyt?

[sedefsavas]

Just added this is true in case AMI ID is not specified.

[sedefsavas]

No need to publish those images in the book since not providing useful info, users can go to that link and see for themselves, and if users want more control, they can specify the AMI ID for the bastion host.

Also, enabling bastion in e2e might be difficult to test, what will be the success condition there? Merging this PR now as this looks complete as is, if you want to do add an e2e test, feel free to do a follow up PR.

[sedefsavas]

/lgtm
/approve

We can check BastionHostReadyCondition in the e2e test.
Also, might add a new reason for this condition: BastionAMILookupFailedReason.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: sedefsavas

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [sedefsavas]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment