Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reuse CAPI bootstrap secret with Supervisor #1584

Merged
merged 1 commit into from
Jul 26, 2022
Merged

Reuse CAPI bootstrap secret with Supervisor #1584

merged 1 commit into from
Jul 26, 2022

Conversation

akutz
Copy link
Contributor

@akutz akutz commented Jul 26, 2022
edited

What this PR does / why we need it:

This patch removes the logic for creating a new ConfigMap resource for Supervisor VMs. Instead CAPV simply points the Supervisor resources to the existing CAPI bootstrap secrets.

Previously Supervisor integration required setting the ControlPlaneEndpoint value in Cloud-Init metadata.
However, this was recognized as vestigial as the KubeadmBootstrap controller automatically grabs the
ControlPlaneEndpoint from the Cluster.Spec.ControlPlaneEndpoint field if the value is not explicitly specified.

For more information please see the following links:

  1. The CAPV Cluster reconciler does not proceed until there is a control plane endpoint

    cluster-api-provider-vsphere/controllers/vmware/vspherecluster_reconciler.go

    Lines 184 to 188 in cc73592

    if ok, err := r.reconcileControlPlaneEndpoint(ctx); !ok {
    if err != nil {
    return reconcile.Result{}, errors.Wrapf(err, "unexpected error while reconciling control plane endpoint for %s", ctx.VSphereCluster.Name)
    }
    }
  2. The CAPV Cluster reconciler sets Cluster.Spec.ControlPlaneEndpoint to the value of the load balancer

    cluster-api-provider-vsphere/controllers/vmware/vspherecluster_reconciler.go

    Lines 254 to 255 in cc73592

    // If we've got here and we have a cpEndpoint, we're done.
    ctx.VSphereCluster.Spec.ControlPlaneEndpoint = *cpEndpoint
  3. The CAPV Cluster reconciler only marks the Cluster as "ready" when there is a valid control plane endpoint

    cluster-api-provider-vsphere/controllers/vmware/vspherecluster_reconciler.go

    Line 190 in cc73592

    ctx.VSphereCluster.Status.Ready = true
  4. The CAPI Core KubeadmBootstrap reconciler does not proceed unless the Cluster is marked as "ready"
  5. The CAPI Core KubeadmBootstrap reconciler uses the value of Cluster.Spec.ControlPlaneEndpoint if one is not provided explicitly
  6. The CAPV Machine reconciler does not proceed until the bootstrap data is ready

    cluster-api-provider-vsphere/controllers/vspheremachine_controller.go

    Lines 292 to 302 in cc73592

    // Make sure bootstrap data is available and populated.
    if ctx.GetMachine().Spec.Bootstrap.DataSecretName == nil {
    if !util.IsControlPlaneMachine(ctx.GetVSphereMachine()) && !conditions.IsTrue(ctx.GetCluster(), clusterv1.ControlPlaneInitializedCondition) {
    ctx.GetLogger().Info("Waiting for the control plane to be initialized")
    conditions.MarkFalse(ctx.GetVSphereMachine(), infrav1.VMProvisionedCondition, clusterv1.WaitingForControlPlaneAvailableReason, clusterv1.ConditionSeverityInfo, "")
    return ctrl.Result{}, nil
    }
    ctx.GetLogger().Info("Waiting for bootstrap data to be available")
    conditions.MarkFalse(ctx.GetVSphereMachine(), infrav1.VMProvisionedCondition, infrav1.WaitingForBootstrapDataReason, clusterv1.ConditionSeverityInfo, "")
    return reconcile.Result{}, nil
    }

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
NA

Special notes for your reviewer:

Please note that I raised the failing go-apidiff test with @srm09 in internal Slack:

@akutz
I have no idea what make o-apidiff is or why it's causing a PR precheck to fail...

@srm09
apidiff just uses the same mechanism CAPI uses to figure out if any public facing method signatures get changed or removed. For the sake of consistency, this was done across all providers.

It is not a required check, so the PR should be ready to be merged even w/o it passing

Therefore it seems like we are okay moving ahead with this PR with that test failing. If anyone has any concerns, please let me know. Thanks!

Please confirm that if this PR changes any image versions, then that's the sole change this PR makes.

Release note:

* Supervisor integration no longer requires duplicating the bootstrap Secret resource as a plain-text ConfigMap resource.

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jul 26, 2022
@akutz akutz force-pushed the feature/supervisor-reuse-bootstrap-secret branch 6 times, most recently from dea2b70 to ef25aaf Compare July 26, 2022 16:43
@akutz
Reuse CAPI bootstrap secret with Supervisor
4ca52b0 
This patch removes the logic for creating a new ConfigMap
resource for Supervisor VMs. Instead CAPV simply points
the Supervisor resources to the existing CAPI bootstrap
secrets.

Previously Supervisor integration required setting
the ControlPlaneEndpoint value in Cloud-Init metadata.
However, this was recognized as vestigial as the
KubeadmBootstrap controller automatically grabs the
ControlPlaneEndpoint from the
Cluster.Spec.ControlPlaneEndpoint field if the value is
not explicitly specified.

For more information please see the following links:

* The CAPV Cluster reconciler does not proceed until there is a control plane endpoint -- https://github.com/kubernetes-sigs/cluster-api-provider-vsphere/blob/cc735927f7c7671dc8f30bc796474fa62555a127/controllers/vmware/vspherecluster_reconciler.go#L184-L188
* The CAPV Cluster reconciler only marks the Cluster as "ready" when there is a valid control plane endpoint -- https://github.com/kubernetes-sigs/cluster-api-provider-vsphere/blob/cc735927f7c7671dc8f30bc796474fa62555a127/controllers/vmware/vspherecluster_reconciler.go#L190
* The CAPI Core KubeadmBootstrap reconciler does not proceed unless the Cluster is marked as "ready" -- https://github.com/kubernetes-sigs/cluster-api/blob/bc177c6906e8b7063520777c2d608b7297fd86b9/bootstrap/kubeadm/internal/controllers/kubeadmconfig_controller.go#L234-L238
* The CAPI Core KubeadmBootstrap reconciler uses the value of Cluster.Spec.ControlPlaneEndpoint if one is not provided explicitly -- https://github.com/kubernetes-sigs/cluster-api/blob/ffee0a45cf823965d6e6d578d93eb3b6730ec734/bootstrap/kubeadm/internal/controllers/kubeadmconfig_controller.go#L925-L931
* The CAPV Machine reconciler does not proceed until the bootstrap data is ready -- https://github.com/kubernetes-sigs/cluster-api-provider-vsphere/blob/cc735927f7c7671dc8f30bc796474fa62555a127/controllers/vspheremachine_controller.go#L292-L302
@akutz akutz force-pushed the feature/supervisor-reuse-bootstrap-secret branch from ef25aaf to 4ca52b0 Compare July 26, 2022 17:07
@k8s-ci-robot
Copy link
Contributor

@akutz: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-cluster-api-provider-vsphere-apidiff-main 4ca52b0 link false /test pull-cluster-api-provider-vsphere-apidiff-main

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@srm09
Copy link
Contributor

srm09 commented Jul 26, 2022

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jul 26, 2022
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: srm09

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 26, 2022
@k8s-ci-robot k8s-ci-robot merged commit 2a68d1d into kubernetes-sigs:main Jul 26, 2022
@srm09 srm09 mentioned this pull request Oct 20, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MaxRink MaxRink Awaiting requested review from MaxRink

@yastij yastij Awaiting requested review from yastij

Assignees

@srm09 srm09

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@akutz @k8s-ci-robot @srm09