From 1545aafe840db1d8e1138fc7129a44b73a7757d9 Mon Sep 17 00:00:00 2001 From: Ole Markus With Date: Thu, 25 Nov 2021 12:28:51 +0100 Subject: [PATCH] Conditionally use RBN or ip names in kops-controller --- nodeup/pkg/model/BUILD.bazel | 1 - nodeup/pkg/model/kubelet.go | 31 ++++--------- upup/pkg/fi/cloudup/awsup/aws_cloud.go | 54 ++++++++++++++--------- upup/pkg/fi/cloudup/awsup/aws_verifier.go | 1 + upup/pkg/fi/nodeup/command.go | 6 ++- 5 files changed, 47 insertions(+), 46 deletions(-) diff --git a/nodeup/pkg/model/BUILD.bazel b/nodeup/pkg/model/BUILD.bazel index 953152bde48ac..f34bb4bf93c4d 100644 --- a/nodeup/pkg/model/BUILD.bazel +++ b/nodeup/pkg/model/BUILD.bazel @@ -69,7 +69,6 @@ go_library( "//util/pkg/vfs:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/ec2metadata:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/session:go_default_library", - "//vendor/github.com/aws/aws-sdk-go/service/ec2:go_default_library", "//vendor/github.com/blang/semver/v4:go_default_library", "//vendor/github.com/pelletier/go-toml:go_default_library", "//vendor/k8s.io/api/core/v1:go_default_library", diff --git a/nodeup/pkg/model/kubelet.go b/nodeup/pkg/model/kubelet.go index d706f57aeb912..8f19c2543b2e5 100644 --- a/nodeup/pkg/model/kubelet.go +++ b/nodeup/pkg/model/kubelet.go @@ -27,10 +27,10 @@ import ( "github.com/aws/aws-sdk-go/aws/ec2metadata" "github.com/aws/aws-sdk-go/aws/session" - "github.com/aws/aws-sdk-go/service/ec2" v1 "k8s.io/api/core/v1" "k8s.io/klog/v2" + "k8s.io/kops/pkg/apis/kops" "k8s.io/kops/pkg/flagbuilder" "k8s.io/kops/pkg/nodelabels" @@ -59,7 +59,6 @@ var _ fi.ModelBuilder = &KubeletBuilder{} // Build is responsible for building the kubelet configuration func (b *KubeletBuilder) Build(c *fi.ModelBuilderContext) error { - err := b.buildKubeletServingCertificate(c) if err != nil { return fmt.Errorf("error building kubelet server cert: %v", err) 
@@ -191,6 +190,8 @@ func (b *KubeletBuilder) buildSystemdEnvironmentFile(kubeletConfig *kops.Kubelet kubeletConfig.BootstrapKubeconfig = "" } + kubeletConfig.HostnameOverride = "" + // TODO: Dump the separate file for flags - just complexity! flags, err := flagbuilder.BuildFlags(kubeletConfig) if err != nil { @@ -304,7 +305,6 @@ func (b *KubeletBuilder) buildSystemdService() *nodetasks.Service { service.InitDefaults() if b.ConfigurationMode == "Warming" { - service.Running = fi.Bool(false) } @@ -551,7 +551,6 @@ func (b *KubeletBuilder) buildMasterKubeletKubeconfig(c *fi.ModelBuilderContext) } func (b *KubeletBuilder) buildKubeletServingCertificate(c *fi.ModelBuilderContext) error { - if b.UseKopsControllerForNodeBootstrap() { name := "kubelet-server" dir := b.PathSrvKubernetes() @@ -599,29 +598,15 @@ func (b *KubeletBuilder) buildKubeletServingCertificate(c *fi.ModelBuilderContex } } return nil - } func (b *KubeletBuilder) kubeletNames() ([]string, error) { - if kops.CloudProviderID(b.Cluster.Spec.CloudProvider) != kops.CloudProviderAWS { - name, err := os.Hostname() - if err != nil { - return nil, err - } - - addrs, _ := net.LookupHost(name) - - return append(addrs, name), nil - } - - cloud := b.Cloud.(awsup.AWSCloud) - - result, err := cloud.EC2().DescribeInstances(&ec2.DescribeInstancesInput{ - InstanceIds: []*string{&b.InstanceID}, - }) + name, err := os.Hostname() if err != nil { - return nil, fmt.Errorf("error describing instances: %v", err) + return nil, err } - return awsup.GetInstanceCertificateNames(result) + addrs, _ := net.LookupHost(name) + + return append(addrs, name), nil } diff --git a/upup/pkg/fi/cloudup/awsup/aws_cloud.go b/upup/pkg/fi/cloudup/awsup/aws_cloud.go index 9544abdff8528..9f97419cf45af 100644 --- a/upup/pkg/fi/cloudup/awsup/aws_cloud.go +++ b/upup/pkg/fi/cloudup/awsup/aws_cloud.go 
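Review bot: In buildSystemdEnvironmentFile (nodeup/pkg/model/kubelet.go), `kubeletConfig.HostnameOverride = ""` runs unconditionally and has no comment, so any override set earlier is dropped for every cloud provider before `flagbuilder.BuildFlags(kubeletConfig)` is called. This looks inconsistent with evaluateHostnameOverride in command.go, which in this same patch still returns a non-empty hostname for AWS names that do not start with `i-`. The name kubelet registers under has to match what kops-controller will accept, so state the intent next to the assignment, e.g. `// Never pass a hostname override to kubelet from here; the node name comes from <mechanism - fill in>.` The assignment also writes through the pointer the caller passed in, and the function body starts and ends outside the hunk.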
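Review bot: In kubeletNames (nodeup/pkg/model/kubelet.go), `addrs, _ := net.LookupHost(name)` discards the resolver error, and with the AWS branch removed this is now the only source of names on every cloud. A failed or empty lookup silently yields a list with the hostname and no addresses, and the result depends on the node's local resolver instead of the EC2 API as before. Surface the failure so a certificate request that is later rejected can be diagnosed: `addrs, err := net.LookupHost(name)` followed by `if err != nil { klog.Warningf("looking up addresses for %q: %v", name, err) }`. Whether these names line up with what GetInstanceCertificateNames returns on the verifying side is not visible here and deserves a test.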
@@ -51,6 +51,8 @@ import ( v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/sets" + k8s_aws "k8s.io/legacy-cloud-providers/aws" + "k8s.io/kops/dnsprovider/pkg/dnsprovider" dnsproviderroute53 "k8s.io/kops/dnsprovider/pkg/dnsprovider/providers/aws/route53" "k8s.io/kops/pkg/apis/kops" @@ -60,7 +62,6 @@ import ( identity_aws "k8s.io/kops/pkg/nodeidentity/aws" "k8s.io/kops/pkg/resources/spotinst" "k8s.io/kops/upup/pkg/fi" - k8s_aws "k8s.io/legacy-cloud-providers/aws" ) // By default, aws-sdk-go only retries 3 times, which doesn't give @@ -69,21 +70,29 @@ import ( // backoff along the way. const ClientMaxRetries = 13 -const DescribeTagsMaxAttempts = 120 -const DescribeTagsRetryInterval = 2 * time.Second -const DescribeTagsLogInterval = 10 // this is in "retry intervals" +const ( + DescribeTagsMaxAttempts = 120 + DescribeTagsRetryInterval = 2 * time.Second + DescribeTagsLogInterval = 10 // this is in "retry intervals" +) -const CreateTagsMaxAttempts = 120 -const CreateTagsRetryInterval = 2 * time.Second -const CreateTagsLogInterval = 10 // this is in "retry intervals" +const ( + CreateTagsMaxAttempts = 120 + CreateTagsRetryInterval = 2 * time.Second + CreateTagsLogInterval = 10 // this is in "retry intervals" +) -const DeleteTagsMaxAttempts = 120 -const DeleteTagsRetryInterval = 2 * time.Second -const DeleteTagsLogInterval = 10 // this is in "retry intervals" +const ( + DeleteTagsMaxAttempts = 120 + DeleteTagsRetryInterval = 2 * time.Second + DeleteTagsLogInterval = 10 // this is in "retry intervals" +) -const TagClusterName = "KubernetesCluster" -const TagNameRolePrefix = "k8s.io/role/" -const TagNameEtcdClusterPrefix = "k8s.io/etcd/" +const ( + TagClusterName = "KubernetesCluster" + TagNameRolePrefix = "k8s.io/role/" + TagNameEtcdClusterPrefix = "k8s.io/etcd/" +) const TagRoleMaster = "master" 
@@ -382,7 +391,6 @@ func NewAWSCloud(region string, tags map[string]string) (AWSCloud, error) { } func (c *awsCloudImplementation) addHandlers(regionName string, h *request.Handlers) { - delayer := c.getCrossRequestRetryDelay(regionName) if delayer != nil { h.Sign.PushFrontNamed(request.NamedHandler{ @@ -650,7 +658,6 @@ func getCloudGroups(c AWSCloud, cluster *kops.Cluster, instancegroups []*kops.In } return groups, nil - } // FindAutoscalingGroups finds autoscaling groups matching the specified tags @@ -715,7 +722,6 @@ func FindAutoscalingGroups(c AWSCloud, tags map[string]string) ([]*autoscaling.G return nil, fmt.Errorf("error listing autoscaling groups: %v", err) } } - } return asgs, nil @@ -771,7 +777,7 @@ func findAutoscalingGroupLaunchConfiguration(c AWSCloud, g *autoscaling.Group) ( } version := aws.StringValue(launchTemplate.Version) - //Correctly Handle Default and Latest Versions + // Correctly Handle Default and Latest Versions klog.V(4).Infof("Launch Template Version Specified By ASG: %v", version) if version == "" || version == "$Default" || version == "$Latest" { input := &ec2.DescribeLaunchTemplatesInput{ @@ -949,7 +955,6 @@ func findInstances(c AWSCloud, ig *kops.InstanceGroup) (map[string]*ec2.Instance } } return instances, nil - } func findDetachedInstances(c AWSCloud, g *autoscaling.Group) ([]*string, error) { @@ -1316,6 +1321,7 @@ func removeELBTags(c AWSCloud, loadBalancerName string, tags map[string]string) return nil } + func (c *awsCloudImplementation) RemoveELBV2Tags(ResourceArn string, tags map[string]string) error { return removeELBV2Tags(c, ResourceArn, tags) } 
@@ -2082,10 +2088,16 @@ func GetInstanceCertificateNames(instances *ec2.DescribeInstancesOutput) (addrs } instance := instances.Reservations[0].Instances[0] + { + if *instance.PrivateDnsNameOptions.HostnameType == ec2.HostnameTypeResourceName { + name := *instance.InstanceId + addrs = append(addrs, name) + } else { + name := *instance.PrivateDnsName + addrs = append(addrs, name) - name := *instance.PrivateDnsName - - addrs = append(addrs, name) + } + } // We only use data for the first interface, and only the first IP for _, iface := range instance.NetworkInterfaces { diff --git a/upup/pkg/fi/cloudup/awsup/aws_verifier.go b/upup/pkg/fi/cloudup/awsup/aws_verifier.go index 24df1ec32ed2a..167de564717b5 100644 --- a/upup/pkg/fi/cloudup/awsup/aws_verifier.go +++ b/upup/pkg/fi/cloudup/awsup/aws_verifier.go @@ -36,6 +36,7 @@ import ( "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" "github.com/aws/aws-sdk-go/service/sts" + "k8s.io/kops/pkg/bootstrap" nodeidentityaws "k8s.io/kops/pkg/nodeidentity/aws" ) diff --git a/upup/pkg/fi/nodeup/command.go b/upup/pkg/fi/nodeup/command.go index 1c7d01aeb3ec2..e87ee37ab7225 100644 --- a/upup/pkg/fi/nodeup/command.go +++ b/upup/pkg/fi/nodeup/command.go @@ -484,7 +484,11 @@ func evaluateHostnameOverride(cloudProvider api.CloudProviderID) (string, error) if err != nil { return "", fmt.Errorf("error reading local-hostname from AWS metadata: %v", err) } - return string(hostnameBytes), nil + hostname := string(hostnameBytes) + if strings.HasPrefix(hostname, "i-") { + return "", nil + } + return hostname, nil case api.CloudProviderGCE: // This lets us tolerate broken hostnames (i.e. systemd) b, err := vfs.Context.ReadFile("metadata://gce/instance/hostname")
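Review bot: `*instance.PrivateDnsNameOptions.HostnameType` in GetInstanceCertificateNames (aws_cloud.go) dereferences two pointers without a nil check, so a DescribeInstances result that lacks PrivateDnsNameOptions would panic the caller instead of falling back to the private DNS name. The function appears to decide which names an instance may be issued a certificate for, so it should not crash on a missing field; guard the branch with `if opts := instance.PrivateDnsNameOptions; opts != nil && aws.StringValue(opts.HostnameType) == ec2.HostnameTypeResourceName {`. The bare `{ ... }` block and the `addrs = append(addrs, name)` repeated in both branches can be reduced to choosing `name` and appending once. The function continues outside the hunk.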
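Review bot: In evaluateHostnameOverride (upup/pkg/fi/nodeup/command.go), `strings.HasPrefix(hostname, "i-")` is an undocumented heuristic for resource-based naming, while aws_cloud.go in this same patch answers the same question from `PrivateDnsNameOptions.HostnameType`. The two checks can disagree, for instance on a custom hostname that happens to begin with `i-`, which would leave the node and the verifier expecting different names. Add a comment above the check such as `// A local-hostname starting with "i-" is treated as resource-based naming: return no override.` and consider basing both sides on the same instance attribute. The hunk shows no import change, so confirm `strings` is already imported in this file.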